Windows 2003 Server Physical to Virt KVM

I’m not a big fan of windows servers, but sometimes small bussiness have an old computer running an outdated windows server in a more outdated hardware, deal with this systems is not a pleasant experience, old psu and hard disk with a lot of hours are the gates of a  disaster, if you can virtualize the OS, you don’t have to deal with outdated hardware.

Old Fileserver

Virtualization   provides a base hardware where you system can run, and this isolates your os <–> physical server relationship.

In a recent case I found an old Pentium D executing W2003 in a degraded intel smart raid ( Fake raid controller ), If one hard disk  has died the other one will follow same path.

fake raidunfortunately kvm doesn’t emulate fake raid controller that means that when you start your virtualized legacy server it will fail showinga blue screen because is searching for a no present controller.

0x0000007Bthis is a big problem you should make some steps to avoid BSOD and another hassles.

First you will need to load all IDE references into windows registry, this step is easy, just donwload  Mergeide file, uncompress and open mergeide.reg file (more info).

If system was installed directly against raid controller you will need to add some files, Atapi.sys, Intelide.sys, Pciide.sys,  Pciidex.sys because aren’t installed and OS will be unable to connect to IDE devices

these files should be in %SystemRoot%\System32\Drivers folder.

if not, you can get from  %SystemRoot%\Driver Cache\I386\Driver.cab.  Just extract  Atapi.sys, Intelide.sys, Pciide.sys,  Pciidex.sys files on %SystemRoot%\System32\Drivers folder.

Reboot your old server, check that is still working in the old server, and now you can migrate it. Using clonezilla for example.

Good Luck with your migration

 

 

Recovering passwords from a windows 2003 server

Sometimes when a business decide to switch his computer maintenance to another company switched company rejects to give server passwords with or without good reason.

There’s a lot of ways of reset administrator password, but recover any of then can be better.

If you need to recover passwords from a windows 2003 server a easy way is shutdown the server and start a linux live CD like ubuntu.

If you can access to windows filesystem you can access to SAM data, a database with local passwords 😛 .

You only need to copy %SystemRoot%/system32/config directory to a flash memory or another storage device.

Install into another computer Ophcrack software. In my laptop running fedora 21 executeas root

dnf install ophcrack

Download XP rainbow tables from here http://ophcrack.sourceforge.net/tables.php

Open ophcrack

Click on Tables -> install

and load downloaded tables

ophcrack load tables

Now at load button select Encrypted SAM and open the folder %SystemRoot%/system32/config recovered using Linux liveCD

ophcrack main windowand finally click on Crack button

recovered passwordsOnly took half minute, literally in recover 13 of 14 passwords.

Enjoy