So You Lost Your Vista Password?
Posted on May 3, 2008
2 Comments
I try a lot of software and utilities every week, both at work and at home. Most of it I never mention here on the blog for a variety or reasons. But when I find one that works well or is a life-saver, then I know what my next post will be about!
And this is one of those posts.
The lifesaver of the week? Offline NT Password & Registry Editor. The bootdisk is about 3MB and saved me literally hours and hours of work in about 5 minutes. Need to reset or change a password on any NT based Windows machine (not win9x)? This baby is your ticket. Glance at the walk through, boot from the CD and get ‘er done.
[I should mention I have no affiliation with the author nor have I been paid to write this.]
Here’s a synopsis of why I needed this if you’re curious.
The Start
A former employee had, unbeknownst (at the time) to myself or other IT staff, added his laptop to our domain. I’m sure that made his life easier when using it for work… it also caused some grief yesterday!
When he left us I disabled his domain account. I rarely delete the domain accounts right away as I’ve found devs seem to like to run scheduled jobs or services as themselves… disabling is just safer in many cases. I delete later.
Not long after he left I found the he laptop’s machine account in our Active Directory and whacked it from there. I couldn’t think of a compelling reason to leave it .
Now, since his laptop was no longer on our network or domain it didn’t know his account was disabled — it was still running on cached credentials and fat dumb and happy.
Then It Happened…
We re-engaged him as a contractor recently to work on one of his old projects. Through a comedy based on no communication, I wasn’t told soon enough and thus hadn’t re-enabled his old account. One of my guys had re-enabled his old VPN access though (cisco and not domain based).
So, he connects to the VPN and shortly afterwards is locked out of his laptop! Why? Well, since the laptop suddenly was able to “see” the domain controller it updated itself and found that his account was disabled. Heh. Oops.
He brought in the laptop and that triggered another issue. Sure, we could re-enable his account but now the domain didn’t know the machine (remember, I had earlier deleted it from the directory). Took us a bit to figure out what was going on!
… And Got Worse
So, we had to get the laptop back in the domain by first removing it (as far as the laptop was concerned) from the domain. As there were no local accounts on the laptop, one of the guys added one but didn’t set the password. Heck, we just assumed it would default to blank.
He removed it from the domain. No problem. Rebooted.
Vista offered him the login prompt for that new local account. As expected.
But a blank password wasn’t working. And we couldn’t log in as any other user — there was no option to change users (later we learned that the local admin account had been disabled…)
At this point we’re starting to think we’ll be pulling the drive and cloning it before a full reload of the OS. Yuck, but we seemed hosed.
Solved!
About then is when I found this Offline Recovery utility. I made the bootdisk, fired it up and cleared the password on that new local account all in about 5 minutes.
Rebooted and logged right in.
Problem solved and hours of labor saved. *phew*
Oh, and we added his laptop back into the domain and his old domain account was able to log right on. Sweet. We’ll gracefully remove it out of the domain when this engagement ends… but for now, everything is working and we didn’t lose anything.
Tags: microsoft, password, security, vista, Windows
Possibly Related Posts
Comments
2 Responses to “So You Lost Your Vista Password?”
Leave a Reply
This is a great utility that I’ve been using for years. It’s saved clients, friends and family from the horrors of the forgotten Windows password drama. I’ve also used it to demonstrate to students the ‘no security without physical security’ concept.
I think it would be interesting to point out that this is a Linux boot disk with GNU utilities. That’s right, Linux tools breaking Windows security “all in about 5 minutes”. If you need an exercise in futility, try to find a windows disk that can break into a Linux box.
Yet masses of techies still fly the Redmond flag proudly. I have to wonder why.
Tim, I definitely should’ve mentioned this is a linux based solution.
I like your point on physical security. I imagine that this is a great way to get that across to students!