Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Can't enable disabled admin account and have removed admin privileges from all other accounts 1

Status
Not open for further replies.
1DMF

1DMF

Programmer
Jan 18, 2005
8,795
GB
Hi,

I have a member who for some reason decided he would go and remove administrator group privileges from all the Vista local user accounts, and didn't enable the built in admin account.

So now no user account at all has admin privileges and the one built-in admin account is disabled and so cannot log on with it.

What can they do to resolve this?

Thanks,

1DMF.

"In complete darkness we are all the same, it is only our knowledge and wisdom that separates us, don't let your eyes deceive you."

"If a shortcut was meant to be easy, it wouldn't be a shortcut, it would be the way!"

Free Dance Music Downloads
 
Sort by date Sort by votes
Backup data as slaved drive, format, reload will fix it right up. Seeing as though we're not supposed to give advice on how to hack a password, enable a disabled account or do that kind of thing with widely available "tools", that may be what you have to do.
 
Upvote 0 Downvote
So you cannot advise an IT professional how to fix one of their users problems?

I must be on the wrong website then regardless of the strap line 'Tek-Tips Forums - INTELLIGENT WORK FORUMS FOR COMPUTER PROFESSIONALS' ;-)

But seriously... The bottom line is I have to use some sort of hack tool that more than likely boots from CD and then allows you to reset passwords.

I have one of those discs for XP, and Windows 7 wont let you have zero enabled admin accounts, I guess this is yet another reason why Vista is such a pile of poo!

Why do users mess about with things they don't understand and then think anyone in IT can fix everything they break!

I think I'll just tell them it's a wipe and re-load, too much risk of getting viruses looking for such types of tools and an even bigger chance of them cocking up their machine even further, which could then come back on me for providing such a tool!

Agghh users, don't you just love em!

"In complete darkness we are all the same, it is only our knowledge and wisdom that separates us, don't let your eyes deceive you."

"If a shortcut was meant to be easy, it wouldn't be a shortcut, it would be the way!"

Free Dance Music Downloads
 
Upvote 0 Downvote
So you cannot advise an IT professional how to fix one of their users problems?
Click to expand...
So your post on Tek-Tips proves that you are an upstanding individual of a professional nature?? Answer that and you see. I've answered these before and gotten admonished by the thread admins OR the post was deleted, so it's not due to being difficult that I don't answer.

The bottom line is I have to use some sort of hack tool that more than likely boots from CD and then allows you to reset passwords.
Click to expand...
I could not CONFIRM or deny that assertion.


 
Upvote 0 Downvote
So your post on Tek-Tips proves that you are an upstanding individual of a professional nature??
Click to expand...
err do you not notice tongue in cheek when you see it? did the smiley face not help -> check my joined date 'January 18, 2005' :p

Do you also believe that there aren't professional hackers?

It was a genuine question regarding a genuine mistake made by a genuine user.

There is difference between hacking and gaining authorised legitimate access you know, it's not the tool, it's what you do with it, a hammer is only a weapon if you use it to hit someone, if you hit nails with it, it's called DIY!

I was merely hoping there was a simple way of fixing this without a re-install or implications that the request was for anything other than legitimate professional use.





"In complete darkness we are all the same, it is only our knowledge and wisdom that separates us, don't let your eyes deceive you."

"If a shortcut was meant to be easy, it wouldn't be a shortcut, it would be the way!"

Free Dance Music Downloads
 
Upvote 0 Downvote
Just a thought, if he was joined to a domain is that possible with only domain Admin user credentials?

Could then the domain Admin account amend local admin user credentials?

Does domain Admin have higher privileges and rights over local user accounts?

"In complete darkness we are all the same, it is only our knowledge and wisdom that separates us, don't let your eyes deceive you."

"If a shortcut was meant to be easy, it wouldn't be a shortcut, it would be the way!"

Free Dance Music Downloads
 
Upvote 0 Downvote
Typically, a domain admin will have admin rights on every workstation joined to the domain. So yes, your suggested solution of logging in under a domain admin account should work allowing you to re-enable the local administrator account and assign a password.

Another way is to use Microsoft's DaRT (Diagnostics and Recovery Toolset) which was formerly known as ERD Commander. Booting into its WinPE-like environment will give you access to a tool called Locksmith which can re-enable the local administrator account and set its password. The key is to use the right version:

ERD Commander 5.0 (2000, XP, Windows Server 2003)
ERD Commander 6.0 (Vista, Windows Server 2008)
ERD Commander 6.5 (Windows 7, Windows Server 2008 R2)
DaRT 7.0 (Windows 7, Windows Server 2008 R2)
DaRT 8.0 (Windows 8, Windows Server 2012)




-Carl
"The glass is neither half-full nor half-empty: it's twice as big as it needs to be."

[tab][navy]For this site's posting policies, click [/navy]here.
 
Upvote 0 Downvote
Thanks Carl,

I wasn't sure that as the machine isn't currently a domain client, if it required local admin account to authorise the change from WORKGROUP -> DOMAIN, it's been quite a while since I've added a machine to a domain as that role is now outsourced to 3rd party support.

Though from my fuzzy memory I'm sure it asks for domain admin to authorise adding a client to a domain plus adds domain admin to the local admin group at the same time.

If that fails, then I'll see if I can get them to use this locksmith which I assume is able to access and edit the SAM file.

I really appreciate the input, at least there is one thing we can safely say from all this... the user will never do that again!

"In complete darkness we are all the same, it is only our knowledge and wisdom that separates us, don't let your eyes deceive you."

"If a shortcut was meant to be easy, it wouldn't be a shortcut, it would be the way!"

Free Dance Music Downloads
 
Upvote 0 Downvote
No, I was thinking the machine already belonged to the domain. Because it doesn't, you'll need to find a tool like DaRT that can make changes to the admin account outside of Windows. There are others out there besides DaRT, but discussing them would likely turn the thread in a direction we do not want to go!
[noevil]

-Carl
"The glass is neither half-full nor half-empty: it's twice as big as it needs to be."

[tab][navy]For this site's posting policies, click [/navy]here.
 
Upvote 0 Downvote
Just to defend goombawahoo, the prohibition on posting methods of bypassing security is a policy of this site:

Tek-Tips posting policies said:
The following activities can result in deletion of posts, deletion of threads and/or restriction of further site usage.
• Posting Anything Illegal (including hacking, cracking, passwords, etc.)
Click to expand...

It has been confirmed many times by site management that, since

a) it is impossible to determine in all cases whether a request for a method to bypass security is for legitimate reasons; and
b) this is a publically viewable site, meaning that even if an original request was legitimate subsequent viewers may well have a different agenda

any such posts should be treated as illegal to protect the integrity and reputation of the site.
 
Upvote 0 Downvote
Just to be clear...

Discussing DaRT, a professional tool from Microsoft for use with Microsoft products, is far from a violation of that policy.

Discussing tools that are not approved by Microsoft for hacking Microsoft products is a violation, and should be treated as such.
 
Upvote 0 Downvote
I am not responsible for other peoples actions nor is this site, and falsely accusing an innocent person of a crime is a serious offence and should be dealt with accordingly.

However, putting facts of law aside, I would like to thank cdogg for keeping this thread on track, professional and legal, it's nice to see someone has rational thinking regarding this request and that there are tools available to help IT professionals with this awkward situation.

Incidentally, I never received the expected call yesterday to help the user with attaching the machine to the domain of the company he works for, so have just rung him for an update, he has now decided that it is time for a new laptop and so has just purchased a new Windows 7 machine.

Problem solved!



"In complete darkness we are all the same, it is only our knowledge and wisdom that separates us, don't let your eyes deceive you."

"If a shortcut was meant to be easy, it wouldn't be a shortcut, it would be the way!"

Free Dance Music Downloads
 
Upvote 0 Downvote
I am not responsible for other peoples actions nor is this site, and falsely accusing an innocent person of a crime is a serious offence and should be dealt with accordingly.
Click to expand...
I don't know what you're talking about but I don't like the gist of it. I could care less about talking about password cracking tools for legitimate purposes. It's the admins of this site that are uptight about it. Never mind that you can look on 300 other web pages and find out how to use them and where to get them. That's the old "head in the sand" approach - we don't discuss that stuff so it doesn't exist. La la la, happy happy happy.

But I am correct in that one never knows the reason for someone posting a question involving the need to bypass passwords/security. You were, however, correct in commenting that it's LESS LIKELY you should be seen as suspicious since you've been on here for a while versus this being your first post in terms of the "suspicio-meter". Regardless, the admins wouldn't see any distinction.
 
Upvote 0 Downvote
>Never mind that you can look on 300 other web pages and find out how to use them and where to get them. That's the old "head in the sand" approach - we don't discuss that stuff so it doesn't exist. La la la, happy happy happy

There are also 300 other webpages (probably) where you can get instructions on how to make bombs. That doesn't mean that every site should therefore be amenable to carrying such information. It's hardly a head-in-the-sand view. Every website is entitled to its own policies, frankly. I'm not always a fan of this particular one, given that of course there are legitimate requests and solutions in this area, but I accept that they exist.

And the existence of such a policy is no more an implication "that the request was for anything other than legitimate professional use" or that anyone adhering to that policy is "accusing an innocent person of a crime" than locking your front door implies that everyone passing by intends to breeak into your house.
 
Upvote 0 Downvote
Of course Mike, my point exactly, it is very important that people are not inadvertently accused of anything or implied they are up to something, and I wasn't accusing anyone of doing so, I was merely pointing out that one has to be careful when dealing with this type of comment.

The whole torrent argument is based on this, is hosting a torrent file illegal, or hosting the copyrighted content? Are links illegal content or the illegal content themselves?

When does freedom of information become criminal use of information? and who is responsible, those providing the information or those acting upon it?

If I was really after performing an illegal hack of someone's password and needed some help from the hacker community, I wouldn't be using IE , in non-private mode , posting on TT with my real account linked to my personal websites and employer.

I'd be browsing via TOR, subverting my identity, faking my location, using HTTPS secure and encrypted URLs, going by the name of NEO and posting in real hacking forums!

But as I said I don't want this thread to go in any direction other than it was originally intended and as cdogg kindly pointed out it is a legitimate problem with what appears to have legitimate Microsoft tools to help with this IT nightmare, though luckily in the end, it was 'much ado about nothing' as the user opted for a new laptop anyway, one sometimes wonders if this was their ruse all along?

Why they even did what they did is a mystery, why they thought it would solve what ever problem they were having, or why they didn't consult with the IT department regarding their initial issue, before breaking their laptop and then expecting IT to then fix it, is all a bit baffling, but that's users for you!







"In complete darkness we are all the same, it is only our knowledge and wisdom that separates us, don't let your eyes deceive you."

"If a shortcut was meant to be easy, it wouldn't be a shortcut, it would be the way!"

Free Dance Music Downloads
 
Upvote 0 Downvote
>breaking their laptop and then expecting IT to then fix it

Ah, that old story!
 
Upvote 0 Downvote
Otay, whatever. I'm bored with this line of discussion at this point. Everyone is wonderful. My only mistake was not knowing about the DaRT tool.
 
Upvote 0 Downvote
Really one would have thought that this thread was educational in teaching anyone who didin't know about DaRT of its exisitence regarding the difficult situation of recovering someones machine considering the awkwarness of the discussion and the contraints of the forum rules.

sorry to have bored you! I thought the only mistake made was the user doing what they did, my bad!

"In complete darkness we are all the same, it is only our knowledge and wisdom that separates us, don't let your eyes deceive you."

"If a shortcut was meant to be easy, it wouldn't be a shortcut, it would be the way!"

Free Dance Music Downloads
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

pjw001
  • Locked
  • Question
Windows 11 Screen Colours have changed (slightly) 3
Replies
14
Views
2K
pjw001
pjw001
VicM
  • Locked
  • Question
Change name not showing in user account 1
Replies
13
Views
375
guitarzan
guitarzan
dpellegrini
  • Locked
  • Question
Clear All Credentials in Credential Manager
Replies
0
Views
145
dpellegrini
dpellegrini
Marguerite Bourgeois
  • Locked
  • Question
I have a document in which margins
Replies
2
Views
111
goombawaho
goombawaho
Flinx
  • Locked
  • Question
the SAGA of trying to get a computer to sleep and wake up on a schedule
Replies
1
Views
598
Flinx
Flinx

Part and Inventory Search

Sponsor

Back
Top