You can create bootable DOS cds, especially if you use something like FreeDOS, instead of MSDOS.
If you grab the right files from C:\Windows\system32\config (system and security, from memory, but you'd have to check), it contains the domain cached credentials of the last 10/50 people who have logged in. Assuming your admin was one of them (and a quick bit of SE can fix it if they weren't), you have their username and hash. However, if your admin password isn't a short or dictionary one, you're not going to crack it, because the hashes are salted, so you can't use rainbow tables against them..
Once you've cracked it, you could use it to login to RMCC, but making your own account an administrator is a stupid move, and you will get found out.