1. AOMEI Backupper >
  2. Windows Server Backup >
  3. Full Guide: Reset DSRM Password on Server 2019

Full Guide: Reset DSRM Password on Server 2019

How to reset DSRM password on Server 2019 in a safer way? In order to answer the question, you need to read this below article.

Maggie

By Maggie Updated on June 29, 2023

Share this: instagram reddit
Table of Contents

Quick navigations:

Overview of Directory Service Recovery Mode

Before starting to reset the DSRM password, let's put some definitions of DSRM clearly.

What is DSRM?

Directory Services Restore Mode (DSRM) is indeed a unique boot option available in Windows Server, specifically designed for domain controllers. It serves a crucial role in restoring or repairing the Active Directory database when needed. When a situation arises that requires repair or restoration of the Active Directory database, DSRM becomes the appropriate mode to utilize.

What is DSRM password?

The DSRM password, used in conjunction with the startup key, plays a critical role in providing emergency access to modify data and reload various components of the system. Password protection ensures that only authorized individuals can make changes in this mode.

However, forgetting the DSRM password can pose challenges. Fortunately, there are proven methods available to reset the DSRM password on Windows Server 2019. By following these procedures, you can regain control over DSRM and overcome any password-related issues you may encounter.

Directory Services Restore Mode Administrator Password

Reasons to reset DSRM password

Reset DSRM password Server 2019 is done to enhance the security of the Windows Server and to ensure that only authorized administrators can log in and perform troubleshooting and repair tasks on the Active Directory database.

The following are a few common reasons for resetting the DSRM password:

┊ Forgotten password: If an administrator forgets the DSRM password, he or she will not be able to log in to DSRM mode and perform repair and recovery operations on the Active Directory database. By resetting the DSRM password, administrators can restore access to the Server.
┊Security: The DSRM password is separate from the normal administrator password, which provides additional security. By changing the DSRM password periodically, you can reduce potential security vulnerabilities and ensure that only authorized administrators are able to log in to the Server in DSRM mode.
┊Periodic changes: To comply with security best practices, administrators may change the DSRM password periodically to prevent unauthorized access and maintain system security.

In summary, the DSRM password is reset to ensure that only authorized administrators can log in to DSRM mode when needed and perform repair and recovery operations on the Active Directory database. This is a measure to protect the security of the Server.

Suggestion: proactive backup to prevent irreversible data loss

During the process of performing a reset DSRM password Server 2012 R2 or 2019, the goal is to retain existing content, including data. However, it is crucial to acknowledge the potential risk of data loss that may arise in specific situations. To mitigate this risk, it is strongly advised to adopt proactive measures in order to safeguard your operating system and critical data. One effective approach is to utilize backup software, such as AOMEI Backupper Server, which can also safeguard your PC while Windows Server 2019 updates not working.

AOMEI Backupper Server provides a range of valuable features and options for backup and restore operations:

Configuration Options: You have the flexibility to configure various settings tailored to specific backup tasks. This includes adjusting compression levels, enabling backup encryption for added security, setting up notifications for backup status updates, splitting image files to fit storage requirements, utilizing intelligent sector backup, and utilizing Volume Shadow Copy Service (VSS) for consistent backups.
Scheduled Backup: AOMEI Backupper Server allows you to schedule backups to run automatically at specific times. One case in point is that it enables Samsung T5 automatic backup.
Backup Schemes: The software offers three common backup schemes to suit different needs: full backup, incremental and differential backup to optimize storage usage and keep your backups up to date. Also, it will automatically manage and delete backup image files by enabling backup cleanup.

Download AOMEI Bakcupper Server and launch it. Here we take system backup as an example, also you are free to change the backup type.

Download Free Trial Windows Server & PC
Secure Download

Step 1. Click Backup in the left panel and then select System Backup to create a Windows Server backup.

System Backup

Step 2. The system partitions are selected by default as the source. Then choose the destination to save your Windows Server 2019 system backup image.

Select Backup Destination

Step 3. You can set a customized backup.

Under the bottom of the interface, click Schedule Backup, then you can set backup Server in daily/ weekly/ monthly/ event triggers and USB plug-in mode.

Schedule Settings General

Step 4. Then confirm your settings by clicking Start Backup.

Reset DSRM password via Ntdsutil command prompt

This is a command-line tool available in Windows, which is used to perform database operations. The DSRM password is encrypted and stored in the system registry. Here’re the steps for directory services restore mode reset domain administrator password with Ntdsutil:

Step 1. Press Win + R key to open Run, and type ntdsutil and click OK.

Run

Step 2. At the Ntdsutil command prompt, type set dsrm password.

Step 3. At the DSRM command prompt, run the Reset Password command, type one of the following lines:

☛To reset the password on the Server on which you are working: reset password on server null
☛To reset the password for another Server: reset password on server servername (where servername is the DNS name for the Server on which you are resetting the DSRM)

Step 4. After the command, you will be asked to type the new password. 

step 5. Type q to exit the DSRM command prompt once the process is complete.

Step 6. At the Ntdsutil command prompt, type q to exit.

Type Q

You can now use the local administrator account to log on to the recovery console or Directory Services Restore Mode using the new password.

Sum up

Reset DSRM password Server 2019 can be successfully performed by running Ntdsutil command. Before you perform any execution, I kindly suggest you use AOMEI Backupper Server to add one more protection layer on your PC. This proactive measure will enable you to easily recover your data in the event of any unforeseen issues that may occur during the upgrade process.

Maggie
Maggie · Editor
Maggie is a technical editor from AOMEI and troubleshoots technical problems against data protection. She has received professional and systematic technical training. With a focus on user experience, security, and problem-solving, she always puts herself in the readers' shoes and provides them with valuable technical insights.

Related Articles

Take System State Backup and Restore in Server 2008 (R2) Easily

You will learn 3 methods to take system state backup and recovery in Windows Server 2008 (R2), including using Windows Server backup utility, command line or third-party server backup software.

Full Guide: Install Domain Controller on Windows Server 2012

The guide tells you how to install Domain Controller and offers reliable backup software for Windows.

Windows Server 2019 Backup and Restore | How to Make It Easily

It has been almost three years since Windows Server 2019 first released. If you are using this server system, it is strongly recommended to backup Windows Server 2019 for security, including system state and important settings.