KVM:Reset Windows Guest Password
by jfargen on Dec.21, 2012, under Work and stuff
The post is from the stand point of RHEL hypervisor with a KVM Windows guest using a raw image file as a backing store using the package chntpw, but it could easily be applied to different distros, backing stores, or even booting a Linux livecd as long as you can install the chntpw package. Some steps may vary depending on what kind of backing store you are using for the image and where your Windows OS was installed.
First get the chntpw package:
$ sudo yum install chntpw
Print the logical loopback device:
$ sudo losetup -f
/dev/loopo
Next mount the image file as a loopback device:
$ sudo losetup /dev/loopo /var/lib/libvirt/images/windows7.raw
Add partition mappings:
$ sudo kpartx -av /dev/loop0 #That is a zero at the end of /dev/loop0
Create a directory that can be used as a mount point:
$ sudo mkdir -p /mnt/winrescue
Mount the appropriate filesystem:
$ sudo mount /dev/mapper/loop0p2 /mnt/winrescue
Change to the directory where the SAM db is located:
$ sudo cd /mnt/winrescue/Windows/System32/config/
Now run the chntpw utility:
$ sudo chntpw -I SAM
Once complete you will want to unmount the filesystem and loopback device.
Get out of the mounted filesystem:
$ cd ~
Umount the filesystem:
$ sudo umount /mnt/windowsrescue/
Delete the partition mappings:
$ sudo kpartx -dv /dev/loop0
Unmount the loopback device:
$ sudo losetup -d /dev/loop0
The process is now complete.
