Jamie Fargen's Weblog

KVM:Reset Windows Guest Password

by on Dec.21, 2012, under Uncategorized

The post is from the stand point of RHEL hypervisor with a KVM Windows guest using a raw image file as a backing store using the package chntpw, but it could easily be applied to different distros, backing stores, or even booting a Linux livecd as long as you can install the chntpw package. Some steps may vary depending on what kind of backing store you are using for the image and where your Windows OS was installed.

First get the chntpw package:
$ sudo yum install chntpw

Print the logical loopback device:
$ sudo losetup -f

Next mount the image file as a loopback device:
$ sudo losetup /dev/loopo /var/lib/libvirt/images/windows7.raw

Add partition mappings:
$ sudo kpartx -av /dev/loop0  #That is a zero at the end of /dev/loop0

Create a directory that can be used as a mount point:
$ sudo mkdir -p /mnt/winrescue

Mount the appropriate filesystem:
$ sudo mount /dev/mapper/loop0p2 /mnt/winrescue

Change to the directory where the SAM db is located:
$ sudo cd /mnt/winrescue/Windows/System32/config/

Now run the chntpw utility:
$ sudo chntpw -I SAM

Once complete you will want to unmount the filesystem and loopback device.

Get out of the mounted filesystem:

$ cd ~

Umount the filesystem:

$ sudo umount /mnt/windowsrescue/

Delete the partition mappings:

$ sudo kpartx -dv /dev/loop0

Unmount the loopback device:

$ sudo losetup -d /dev/loop0

The process is now complete.

Leave a Reply

Looking for something?

Use the form below to search the site:

Still not finding what you're looking for? Drop a comment on a post or contact us so we can take care of it!


A few highly recommended websites...