No sure what was happened, one of the Windows Server cannot be logged in with any domain admins account, YES! including the local administrator account @_@
Luckily I have came across this article from How-To Geek, and I managed to reset the password and logged back on. The original article is from http://www.howtogeek.com/106333/how-to-reset-your-forgotten-domain-admin-password-on-server-2008-r2/
The idea is to replace one of the accessibility tool with the command prompt at the logon screen, like this one.
You boot off the Windows installation disk or recovery cd, and select “Repair your computer” option.
follow through the screen until you see a screen like below
So first, you will need to run a command to backup the original “utilman.exe” file, the command should be like
MOVE C:WindowsSystem32Utilman.exe C:WindowsSystem32Utilman.exe.bak
Secondly, you will then need to make the “cmd.exe” as “Utilman.exe”,
COPY C:WindowsSystem32cmd.exe C:WindowsSystem32Utilman.exe
(Note: one of the challenge here is to find the correct drive letter for the “Windows” directory, because in my situation the drive letter was on D drive instead C drive. Therefore you will need to use DIR command to make sure you are working on the correct drive letter.)
Now, if everything goes under the plan, then you can go ahead and reboot your machine.
When you see the logon screen, click on the Ease of access icon , hopefully the command prompt screen is now opened for you 🙂
To change the user password, we will use the normal Windows command, replace username with the user name you need to reset the password for.
net user username *
Once changed, you should be able to log into the machine, yeah!!!
Don’t forget, you need to change back the “Utilman.exe” back to the original one. Since this is actually an in use file, thus you might not be able to change it back in Windows Explorer. You may use special tools to overcome this or just simply do the previous steps again to revert the file.
I hope this help. One last little suggestion, wherever possible, don’t let too many people to have the admin login privileges, especially don’t share one “administrator” account within the team, otherwise it will be difficult to tell who mess it up.