?
Solved

WK2 Administrator Role

Posted on 2003-02-24
6
Medium Priority
?
303 Views
Last Modified: 2013-12-04
A user in my office went into Adminstrative tools, clicked on computer management, then removed the administrator from the administrators group. The only login available to the PC was this account, which is now locked out of most everything. I'm a developer and not a network specialist. Is there any way to add the administrator back onto the PC.
thanks for any ideas.
0
Comment
Question by:eltule
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
6 Comments
 
LVL 3

Expert Comment

by:nouellette
ID: 8010925
removing the admin from the administrators group is different from adding them to the users list of the local PC or not.  You should be able to easily log back on as the local admnistrator and re-add the admin account back to the Admin group.  If its the 'group' that's the problem.


0
 

Author Comment

by:eltule
ID: 8011009
I tried to log in as the local admin but couldn't. It wouldn't accept any of the passwords that I tried. I think this user changed the admin password as well, but now can't remember what it is.
0
 
LVL 3

Accepted Solution

by:
nouellette earned 400 total points
ID: 8011520
This has been covered numerous times on EE topics.  I'll cut and paste an answer to a recent one posted by Crazy One recently.  In a nutshell there are FREE utitilies to use to reset local admin passwords.  Or you can pay for some really great useful tools such as ERD COmmander at www.winternals.com

_________________________

Free stuff

Instructions
http://home.eunet.no/~pnordahl/ntpasswd/bootdisk.html
image files
http://ntpass.blaa.net/bd011022.zip (1.4MB - Bootdisk image, date 011022)
http://ntpass.blaa.net/sc011022.zip (~700KB) - SCSI-drivers (011022)
This is a utility to (re)set the password of any user that has a valid (local) account on your NT system, by modifying  the crypted password in the registrys SAM file.
http://home.eunet.no/~pnordahl/ntpasswd/
image writer
http://home.eunet.no/~pnordahl/ntpasswd/rawrite2.zip

Another one
Change administrator password on NT/2000, without knowing it!!! Bootdisk...
http://www.thomasmathiesen.com/itak/html/software.html
image file
http://www.thomasmathiesen.com/filez/sw/external/linuxbootimage.zip
image writer
http://www.thomasmathiesen.com/filez/sw/external/imagewriter.zip

Another one
Offline NT Password and Registry Editor
http://www.pc-pipeline.com/modules.php?op=modload&name=Downloads&file=index&req=viewdownload&cid=3

Download it here
http://www.pc-pipeline.com/modules.php?op=modload&name=Downloads&file=index&req=getit&lid=6

Run it to create a boot floppy then follow the instructions. If you choose to do this then you are doing this at your own risk. Just change the admin pw and login then change the account pw's that you desire.

Make sure you have a floppy disk in the floppy drive and let the program create the boot floppy. Now restart the machine a let it boot from the floppy. Now follow what it instructs you to do.

Use it like a bootdisk.

Another one
NTFS/FAT Boot disk for password recovery/reset
http://www.pchelplive.com/modules.php?name=Downloads 
----------------------------------
NTAccess can replace the administrator password of a Windows XP, Windows NT or Windows 2000 system by rebooting the computer with a special set of boot disks or CD-ROM (XP only). This is useful if you forgot the administrator password and cannot access the Windows XP/2000/NT system.
http://www.sunbeltsoftware.com/product.cfm?id=265


LC3 - The Password Auditing and Recovery Application

LC3 is the latest version of the award-winning password auditing and recovery application, L0phtCrack. It provides two critical capabilities to Windows® network administrators:
Free 15 day trial
http://www.atstake.com/research/lc3/index.html


L0phtCrack, The integrated password cracker for NT
http://www.securiteam.com/tools/L0phtCrack__The_integrated_password_cracker_for_NT.html
Locksmith
http://www.winternals.com/products/repairandrecovery/locksmith.asp

Windows XP / 2000 / NT Key is a program to reset Windows XP / 2000 / NT security if Administrator password, secure boot password or key disk is lost.
http://www.lostpassword.com/windows-xp-2000-nt.htm

Or you could, if you have a FAT32 file system, just boot to a Win98 bootdisk and rename the SAM file (registry Hive) in the C:\WINNT\system32\config folder to something else. Of course this will remove all accounts on the system and you will need to rebuild them. If you are using NTFS then boot to the Win2000 CD and do this from the Recovery console.

For XP
Windows XP Tip: Password Recovery Disk
Take preventive measures against losing user-level passwords
http://www.techtv.com/callforhelp/answerstips/story/0,24330,3356093,00.html

0
Ransomware Attacks Keeping You Up at Night?

Will your organization be ransomware's next victim?  The good news is that these attacks are predicable and therefore preventable. Learn more about how you can  stop a ransomware attacks before encryption takes place with our Ransomware Prevention Kit!

 

Author Comment

by:eltule
ID: 8011546
I tried to log in as the local admin but couldn't. It wouldn't accept any of the passwords that I tried. I think this user changed the admin password as well, but now can't remember what it is.
0
 

Author Comment

by:eltule
ID: 8011583
It appears that I didn't understand what I was looking for, thanks for pointing it out.
0
 
LVL 12

Expert Comment

by:trywaredk
ID: 8146516
ELTULE... Seems to me, that You had a problem, before You asked Your question, and still have, after NOUELLETTE solved Your question: "A user in my office went into Adminstrative tools"

Everybody can do that, but only members of the LOCAL admin group can delete the local administrator user.


:o) ELTULE..., and everybody else.

PLEASE READ THIS CAREFULLY:

You must NEVER NEVER add a Domain User Group to the Local Admin Group on each workstation.

And You must NEVER add the same Domain User to the Local Admin Group on more than his/hers own workstation

If You add a Domain User Group to the Local Admin Group, every member of this Domain User Group gets unlimited REMOTE access power of every workstation on Your network.

The unlimited REMOTE access involves:
1. Explorer: \\ComputerName\C$
2. Registry
3. Computer Management (Control Panel)


IF YOU WANT TO KNOW MORE ABOUT THIS ISSUE:
http://www.experts-exchange.com/Security/Win_Security/Q_20506528.html
http://www.tryware.dk/English/W2kLocalGroupPolicy/TotalAdminPower.html
http://www.microsoft.com/technet/treeview/default.asp?url=/technet/prodtechnol/windows2000serv/evaluate/featfunc/07w2kadc.asp
http://support.microsoft.com/?kbid=182734


IF YOU WANT TO TEST IT:
You have to grant a Domain User Group to the Local Admin Group on BOTH test-workstations, AND logout and logon again.

Important: You have to make a new logon after creating the credentials, because they are given in W2k in the second where You press ENTER to password when logging on.

Please reply, when You have removed the Domain User Group from the Local Admin Group again!


Many Regards

Jorgen Malmgren
IT-Supervisor
Denmark

:o) Your brain is like a parachute. It works best when it's open

0

Featured Post

Cyber Threats to Small Businesses (Part 1)

This past May, Webroot surveyed more than 600 IT decision-makers at medium-sized companies to see how these small businesses perceived new threats facing their organizations.  Read what Webroot CISO, Gary Hayslip, has to say about the survey in part 1 of this 2-part blog series.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This is a guide to the following problem (not exclusive but here) on Windows: Users need our support and we supporters often use global administrative accounts to do this. Using these accounts safely is a real challenge. Any admin who takes se…
SHARE your personal details only on a NEED to basis. Take CHARGE and SECURE your IDENTITY. How do I then PROTECT myself and stay in charge of my own Personal details (and) - MY own WAY...
In this video we outline the Physical Segments view of NetCrunch network monitor. By following this brief how-to video, you will be able to learn how NetCrunch visualizes your network, how granular is the information collected, as well as where to f…
Have you created a query with information for a calendar? ... and then, abra-cadabra, the calendar is done?! I am going to show you how to make that happen. Visualize your data!  ... really see it To use the code to create a calendar from a q…
Suggested Courses
Course of the Month11 days, 20 hours left to enroll

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question