Enabling a disabled/locked local account.

mi1ez

Splendid
OK, here's a challenge for you!

We have a room of Vista PCs that used to be on a domain at our company. Our network went down spectacularly and has had to be rebuilt from scratch on a different domain.

Here's the tricky bit.

In order to change the domain these PCs are on, we need to log onto them. There are 2 local user accounts. The built in Administrator account wasn't enabled when the guy set up these machines. The second local account is locked out and cannot be logged onto.

What I need to do is either enable one account or unlock the other.

I've tried logging on to the recovery console, but it asks for credentials for a local user account. Safe mode comes up with the regular login screen and again, won't let me in. I've even tried booting into Windows PE to try to do it from a command line, but it won't let me access the existing Windows installation.

Anyone got any ideas?
 

mi1ez

Splendid
Ophcrack will get me passwords, but won't (that I can see) enable accounts whether locked or disabled, I have password, but no active accounts to log onto!

Cheers anyway.

Anyone else know any tools/techniques?
 


You can't. I don't know of a tool that will allow you to unlock a locked account outside of the Windows environment.

Even a Repair setup looks to need a valid user to log on to.

Try Trinity Rescue Kit <-- have not tried it but looks like it may work for what you want

http://trinityhome.org/Home/index.php?content=TRINITY_RESCUE_KIT_DOWNLOAD
http://forums.trinityhome.org/viewforum.php?f=13

 

mi1ez

Splendid
Trinity looks like a good find, but looks like it only does password resetting and not account unlocking/enabling. Cheers though.

iJack, That looks like it could be just what I'm after. I'll have a proper read tomorrow and let you know how it goes. Cheers.
 
The issue you are running into is that a locked/disabled account is not set in the file system but rather the security database of Windows, which is made not to be easily cracked. Password reset is a different animal than unlocking an account. Would you want people to be able to enable dissabled accounts by simply posting a forum question? Or finding cracks for encrypted files (which is similar to this)? The less chance you have of doing this, the better and more secure the Operating System is.

Bit funny how there are all these people yelling about how Windows is not secure, viruses, break-ins, etc..., yet look for a way to get around passswords and other account security, hacking activations, installing pirated software keys. Not to mean you specifically, just this type of situation. If the OS was designed and actually works the way it should, if you setup a user and password that is locked, password forgotten, etc.., no-one should be able to get at that system.
 
When you have physical access to the system security goes out of the window. Want to access data on any Windows system? Well, as long as the EFS hasn't been used, just install another copy of Windows - open sesame. Much the same goes for any Unix-type system.

When it comes to non-physical access, that's another matter. Windows is reasonably secure under those circumstances. That's why servers are kept in locked rooms.
 


Why on earth do things the hard way? Just build a UBCD4Win CD with all the password tools on it. It can be used to reset passwords & activate/deactivate accounts without the hassle of installing additional OS's. It's the one tool that should be in every competent technician's toolkit.