278:
22:
159:
Anyone with the password who has access to the domain controller can reboot the machine, copy and modify the Active
Directory database, and reboot the server without leaving any trace of the activity. DSRM password changes cannot be scripted, but can be accomplished manually through the command
39:
235:
176:, an "Active Directory Recycle Bin" was added, which allows on-line restoration of accidentally-deleted AD objects. Its functionality is reminiscent of Windows' own
319:
86:
58:
189:
208:
65:
105:
343:
72:
161:
43:
54:
227:
132:
to take the server offline for emergency maintenance, particularly restoring backups of AD objects. It is accessed on
156:
password. Starting with
Windows Server 2003, a DSRM password must be defined when the domain controller is promoted.
312:
32:
338:
79:
173:
305:
258:
263:
212:
285:
177:
129:
289:
153:
126:
149:
133:
332:
277:
209:"Directory Services Restore Mode Security, Lieberman Software, accessed 7/12/2012"
21:
137:
160:
line; DSRM passwords can also be automatically changed and audited using
264:
Restart the domain controller in
Directory Services Restore Mode locally
15:
148:
In
Windows 2000, the DSRM password is typically created as a
293:
46:. Unsourced material may be challenged and removed.
228:"How To Enable the Active Directory Recycle Bin"
313:
8:
136:via the advanced startup menu, similarly to
320:
306:
106:Learn how and when to remove this message
200:
7:
274:
272:
190:List of Microsoft Windows components
44:adding citations to reliable sources
292:. You can help Knowledge (XXG) by
14:
152:value (blank), which is also the
55:"Directory Services Restore Mode"
276:
20:
238:from the original on 2019-09-09
119:Directory Services Restore Mode
31:needs additional citations for
162:Privileged Identity Management
1:
226:Thompson, Troy (2015-11-11).
360:
271:
259:Securing the DSRM Password
344:Microsoft Windows stubs
174:Windows Server 2008 R2
40:improve this article
125:) is a function on
130:Domain Controllers
301:
300:
286:Microsoft Windows
116:
115:
108:
90:
351:
339:Active Directory
322:
315:
308:
280:
273:
247:
246:
244:
243:
223:
217:
216:
211:. Archived from
205:
154:Recovery Console
127:Active Directory
111:
104:
100:
97:
91:
89:
48:
24:
16:
359:
358:
354:
353:
352:
350:
349:
348:
329:
328:
327:
326:
269:
255:
250:
241:
239:
225:
224:
220:
207:
206:
202:
198:
186:
170:
146:
112:
101:
95:
92:
49:
47:
37:
25:
12:
11:
5:
357:
355:
347:
346:
341:
331:
330:
325:
324:
317:
310:
302:
299:
298:
281:
267:
266:
261:
254:
253:External links
251:
249:
248:
218:
215:on 2013-01-27.
199:
197:
194:
193:
192:
185:
182:
169:
166:
145:
142:
134:Windows Server
114:
113:
28:
26:
19:
13:
10:
9:
6:
4:
3:
2:
356:
345:
342:
340:
337:
336:
334:
323:
318:
316:
311:
309:
304:
303:
297:
295:
291:
288:article is a
287:
282:
279:
275:
270:
265:
262:
260:
257:
256:
252:
237:
233:
229:
222:
219:
214:
210:
204:
201:
195:
191:
188:
187:
183:
181:
179:
175:
167:
165:
163:
157:
155:
151:
143:
141:
139:
135:
131:
128:
124:
120:
110:
107:
99:
88:
85:
81:
78:
74:
71:
67:
64:
60:
57: –
56:
52:
51:Find sources:
45:
41:
35:
34:
29:This article
27:
23:
18:
17:
294:expanding it
283:
268:
240:. Retrieved
231:
221:
213:the original
203:
171:
168:Alternatives
158:
147:
122:
118:
117:
102:
93:
83:
76:
69:
62:
50:
38:Please help
33:verification
30:
178:Recycle Bin
333:Categories
242:2020-10-10
232:Redmondmag
196:References
180:function.
164:software.
66:newspapers
138:safe mode
96:June 2020
236:Archived
184:See also
144:Password
80:scholar
82:
75:
68:
61:
53:
284:This
87:JSTOR
73:books
290:stub
150:null
123:DSRM
59:news
172:On
42:by
335::
234:.
230:.
140:.
321:e
314:t
307:v
296:.
245:.
121:(
109:)
103:(
98:)
94:(
84:·
77:·
70:·
63:·
36:.
Text is available under the Creative Commons Attribution-ShareAlike License. Additional terms may apply.