Recently we had to "break into" one of our windows boxes, and ended up using the "Offline NT Password & Registry" Editor from http://www.pogostick.net/~pnh/ntpasswd/. It appears to be an excellent tool - but there was no information on how to get that to PXE boot. This blog entry should help with PXE booting it.
You will need:
- A DHCP Server
- A TFTP Server
- The CD image
- The PC on which you want to change the passwords
Most DHCP servers will work. For ISC DHCPd the configuration needs to be amended to include:
next-server 10.1.111.8; # IP address of TFTP server
Even Windows DHCP server can be used here.
The TFTP server (which can be the same server as the DHCP server), serves out a directory tree - in our case "/srv/tftp" in which the CD contents needs to be available. This can be done by simply mounting it. We put the CD image in /srv/tftp/cd110511.iso and mounted it on /srv/tftp/cd110511 using an fstab entry:
/srv/tftp/cd110511.iso /srv/tftp/cd110511 auto loop 0 0
And the corresponding pxe boot menu entry looks like this:
menu label Windows Password Reset
menu passwd soopersekrit