Tag Archives: Directory Services Restore Mode

How to reset the Directory Services Restore Mode (DSRM) password

Windows SBS 2011

The Directory Services Restore Mode (DSRM) password is used for restoring  Active Directory data on a Domain Controller. During an AD restore you can’t authenticate to Acitve Directory because it isn’t started while you boot into the restore mode and there aren’t any local accounts on a Domain Controller, so the DSRM password is used instead. This is a particularly important password to know in a single Domain Controller environment like an Small Business Server domain (although you can add additional DCs). It’s also a very good password to reset if you take on a new client with existing infrastructure that has been setup by someone else.

On SBS 2011 although you are not prompted to specify the DSRM password, it defaults to the password you use to install the server with. On Windows 2008, 2012, 2012 R2 when you promote a Member Server to a Domain Controller, you are asked to specify the password.

Continue reading