Locked out of windows.

[Guest]

Hi,
I had a customer leave their laptop with me today, just to remove some
spyware and general maintenance really. The laptop was a domain member but i
was only given the password and username for her user account. The laptop
didnt appear to have a cdrom drive only a floppy drive, so i decided to use a
crossover cable and cut and paste my spyware tools onto her laptop.
Unfortunaltley due to the laptop being a domain member, i couldnt pass the
files accross. Without really thinking it through i removed the laptop from
the domain and added it my workgroup rebooted the laptop and i can no longer
logon. ive tried guessing the local administrator password but im unsure
wether the local admin account is even called administrator.

Any suggestions??

 

[Bruce Chambers]

Hi,
I had a customer leave their laptop with me today, just to remove some
spyware and general maintenance really. The laptop was a domain member but i
was only given the password and username for her user account. The laptop
didnt appear to have a cdrom drive only a floppy drive, so i decided to use a
crossover cable and cut and paste my spyware tools onto her laptop.
Unfortunaltley due to the laptop being a domain member, i couldnt pass the
files accross. Without really thinking it through i removed the laptop from
the domain and added it my workgroup rebooted the laptop and i can no longer
logon. ive tried guessing the local administrator password but im unsure
wether the local admin account is even called administrator.

Any suggestions??

By changing the computer from the domain to a workgroup, you have
destroyed the trust between the domain and the machine. In doing so,
you have also rendered any domain login credentials as invalid. You
need to be physically connected to the domain network, you need to have
administrative privileges to the workstation, and you need to have
administrative privileges on the domain. Then you can add the machine
back on to the domain, after having first deleted the computer's old
domain account (unless you've also renamed the computer).

Have the customer take her laptop to her company's IT department (I
can't help but conclude that such exost, or the laptop would not have
been a member of a domain) for repairs, where she should have gone in
the first place. I do hope that your customer's employer is of the
understanding and forgiving variety. In many companies, your customer's
employment would be summarily terminated for altering (or allowing to be
altered), and thereby rendering useless, company property.

This isn't entirely your customer's fault, though. A lot of
responsibility rests squarely upon the shoulders of the network
administrator. You see, if the laptop had been properly configured,
your customer's account would not have had sufficient privileges to
remove the computer from the domain in the first place. Clearly, your
customer lacks the requisite knowledge to be properly entitled to full
administrative privileges on the computer, or he/she would have known
better than to let you attempt what you did. He/She would also have
known that removing the computer from the domain and joining your
workgroup would not be necessary in order for you to transfer files from
the your computer to the laptop.



--

Bruce Chambers

Help us help you:



You can have peace. Or you can have freedom. Don't ever count on having
both at once. - RAH

 

[Guest]

i did realise i would need domain credetials to rejoin her domain, however i
didnt realise i could transfer the files without removing from the domain. It
seems i have messed up quite badly, i do have one other question though which
is, will the work stored locally on her machine still survive, will it
survive being rejoined to the domain, and if it wont how do i get it off to
save it?

 

[Bruce Chambers]

i did realise i would need domain credetials to rejoin her domain, however i
didnt realise i could transfer the files without removing from the domain. It
seems i have messed up quite badly, i do have one other question though which
is, will the work stored locally on her machine still survive, will it
survive being rejoined to the domain, and if it wont how do i get it off to
save it?

The user profile (it's contained data files) associated with your
customer's domain account would not have been deleted by removing the
machine from the domain. Those files should have remained intact. They
will, however, be unaccessible (assuming the NTFS file system) to other
user accounts, unless you use an account with administrative privileges
to take ownership of the files. Rejoining the laptop to the domain
should allow the user to access her files again. Data files located
outside of the user profile will also be intact, but their accessiblity
will be controlled by whatever NTFS permissions were applied to them and
their parent folders.

At this point, the only way you'll be able to do anything is if you
have the local administrator account's name (Renaming the local
Administrator account is a standard security precaution practised by a
great many IT departments.) and password.

--

Bruce Chambers

Help us help you:



You can have peace. Or you can have freedom. Don't ever count on having
both at once. - RAH

 

[Simon]

i did realise i would need domain credetials to rejoin her domain, however i
didnt realise i could transfer the files without removing from the domain. It
seems i have messed up quite badly, i do have one other question though which
is, will the work stored locally on her machine still survive, will it
survive being rejoined to the domain, and if it wont how do i get it off to
save it?

If you don't know the answers to these questions then you shouldn't be
f***ing around with someone else's computer. It's cowboys like you that give
everyone a bad name!

I think the key word in the original post was "customer". This isn't someone
helping a friend. You would appear to the charging to perform services you
clearly don't have the knowledge or experience to undertake.

 

[Matt Anderson]

message


If you don't know the answers to these questions then you shouldn't be
f***ing around with someone else's computer. It's cowboys like you that
give
everyone a bad name!

I think the key word in the original post was "customer". This isn't
someone
helping a friend. You would appear to the charging to perform services you
clearly don't have the knowledge or experience to undertake.

You never made a mistake? I've made them.

JustAnotherMCP - You can change the local administrator account with a
password changing disk - use google. Once you do that you can logon and
then you can join it back to the clients domain. You shouldn't need domain
admin rights to join the computer to the domain - you can use the clients
username/password more than likely. You may not have to have your client
contact their IT department. But, IMHO you should only bill your client
your minimal fee - which is probalby 1 hr.

Matt
MCT, MCSE, CNE, CCNA, Network+, Linux+

 

[Enkidu]

On Fri, 10 Dec 2004 13:03:45 -0500, "Matt Anderson"

[..snip..]

You never made a mistake? I've made them.

I'm with Matt. This person is charging for services that the user's
support team should handle. There are ethical questions here.
Personally I'd be livid if someone brought back a PC that the user had
originally handed to someone else to fix, and this someone else had
stuffed it up. The user has given a company resource to someone else,
and what's more has supplied that third party with the passwords to
the machine. I'd bet that this user was not authorised to do it.

Secondly, anyone who is an MCP should know better than to switch a
domain member machine to a work group. It is not a minor error. It's a
well-known and obvious (to an MCP) pitfall.

JustAnotherMCP - You can change the local administrator account with a
password changing disk - use google. Once you do that you can logon and
then you can join it back to the clients domain. You shouldn't need domain
admin rights to join the computer to the domain - you can use the clients
username/password more than likely. You may not have to have your client
contact their IT department. But, IMHO you should only bill your client
your minimal fee - which is probalby 1 hr.

In my previous organisation such a compromised machine would be
routinely wiped, no questions. All data would be lost. The user had
better hope that the IT department is understanding. She had better
hope that she has a job after all of this.

Cheers,

Cliff.

 

[Guest]

Hi,

Firstly, I am not a professional at this. I recently left a company and kept
my laptop. It was on a MS 2003 domain. I changed this to a workgroup and the
problem now is that I cannot login to the Workgroup. Is there a default
password for this? I cannot put this back onto the work domain. Is there
anyway out of this? I looked for 'password changing disk' on google - but
couldnt find anything - can you help at all with an address or other method.

Thanks

Mandy, UK

On Fri, 10 Dec 2004 13:03:45 -0500, "Matt Anderson"

[..snip..]

You never made a mistake? I've made them.

I'm with Matt. This person is charging for services that the user's
support team should handle. There are ethical questions here.
Personally I'd be livid if someone brought back a PC that the user had
originally handed to someone else to fix, and this someone else had
stuffed it up. The user has given a company resource to someone else,
and what's more has supplied that third party with the passwords to
the machine. I'd bet that this user was not authorised to do it.

Secondly, anyone who is an MCP should know better than to switch a
domain member machine to a work group. It is not a minor error. It's a
well-known and obvious (to an MCP) pitfall.

JustAnotherMCP - You can change the local administrator account with a
password changing disk - use google. Once you do that you can logon and
then you can join it back to the clients domain. You shouldn't need domain
admin rights to join the computer to the domain - you can use the clients
username/password more than likely. You may not have to have your client
contact their IT department. But, IMHO you should only bill your client
your minimal fee - which is probalby 1 hr.

In my previous organisation such a compromised machine would be
routinely wiped, no questions. All data would be lost. The user had
better hope that the IT department is understanding. She had better
hope that she has a job after all of this.

Cheers,

Cliff.
--

These twin-CPU hyperthreading computers are really
great! We can wait ten to a hundred times faster
these days.