Titanium_Sniper
asked on
Locked out of MY computer
I need to access my files on my laptop, and it is a long story how I lost acess to them.
I am a college student and I have a few servers I am playing with but I guess do not know enough about windows yet.
I set up a domain, on my main server, but found that that makes the file server slow, so I moved it to another server.
I later reformatted that server (to make it faster with a RAID 0 array but my raid card was gay and odd things happened like wondows formatted the disk in 10 seconds), and lost all the domain info, and re-created the domain, but I didn't let my laptop conect to it.
The usernames and domain name were the same, however I used a different password for the account I use on my laptop so it wouldn't log in by accident or join to that domain ( I hoped).
I bought my first Domain name, Chadsdomain.org, and removed the domain and dns server roles from the domain controller.
I re made them a few hours later when my domain was activated with what seemed like default settings, and I went in and configured policy to make it annoying to steal my data or hack my network. The new domain had the same netbios name, as I had switched from mydomain.no-ip.org to mydomain.org.
My laptop was happy and didn't know all that happened, it seemed it just thought it was not on my network like when I go to class.
Then I restarted the computer and It would not log in after at least 15 attempts at the password I was using, many attempts at the new password on the new domain, and of course the administrator account and its password..
I unplugged the NIC and it let me log in with my user accoung on the old domain.
I went to a class, and forced the computer off with the power button for 5-7 seconds, and brought it back onto my network. Now it wouldnt log on with ANY passowrd, I found that ALL the accounts were disabled when I used a free online Password reset tool, It re-enabled the admin acct and reset the password, but I still couldn't log in with that admin acct. Also, the login box no longer had a plae to choose the domain and the advanced section contained only the option to shut down the pc, odd.
Now I cannot Get my files and I have tried:
Reset password with bootable password reset tool.
Hack my password, by emailing my self the sam and registry files with my syskey and all the passwords and getting the hash out with samdump. I couldnt crack it because it only saved the NT hash, rather than the old hash.
Use the knoppix cd I downloaded a year ago, which I couldn't figure out how to connect to my server and transfer the files. ( V.4 i think)
I took out the laptops hard drive and used my usb to ide cable from Newegg, and plugged it into the server.
The server recognised the drive after like 5 minutes, but it didnt shiow up in My Computer.
I went into Disk Management in Computer Management and saw the drive on the bottom list, not the top one. I right clicked it and it asked if I wanted to mount it on the MBR as disk 4 so I agreed. It then said HAHA I won't read this and to read more about it in the event log. I couldn't find the event in event viewer.
I am downloading Backtrack and some other programs now that should be able to get my files to my server but they will take a day or 2, so my question is:
What happened?
and how do I get my files back? because I have a job interview tomorrow and the location of it is in an e-mail on my computer.
I am a college student and I have a few servers I am playing with but I guess do not know enough about windows yet.
I set up a domain, on my main server, but found that that makes the file server slow, so I moved it to another server.
I later reformatted that server (to make it faster with a RAID 0 array but my raid card was gay and odd things happened like wondows formatted the disk in 10 seconds), and lost all the domain info, and re-created the domain, but I didn't let my laptop conect to it.
The usernames and domain name were the same, however I used a different password for the account I use on my laptop so it wouldn't log in by accident or join to that domain ( I hoped).
I bought my first Domain name, Chadsdomain.org, and removed the domain and dns server roles from the domain controller.
I re made them a few hours later when my domain was activated with what seemed like default settings, and I went in and configured policy to make it annoying to steal my data or hack my network. The new domain had the same netbios name, as I had switched from mydomain.no-ip.org to mydomain.org.
My laptop was happy and didn't know all that happened, it seemed it just thought it was not on my network like when I go to class.
Then I restarted the computer and It would not log in after at least 15 attempts at the password I was using, many attempts at the new password on the new domain, and of course the administrator account and its password..
I unplugged the NIC and it let me log in with my user accoung on the old domain.
I went to a class, and forced the computer off with the power button for 5-7 seconds, and brought it back onto my network. Now it wouldnt log on with ANY passowrd, I found that ALL the accounts were disabled when I used a free online Password reset tool, It re-enabled the admin acct and reset the password, but I still couldn't log in with that admin acct. Also, the login box no longer had a plae to choose the domain and the advanced section contained only the option to shut down the pc, odd.
Now I cannot Get my files and I have tried:
Reset password with bootable password reset tool.
Hack my password, by emailing my self the sam and registry files with my syskey and all the passwords and getting the hash out with samdump. I couldnt crack it because it only saved the NT hash, rather than the old hash.
Use the knoppix cd I downloaded a year ago, which I couldn't figure out how to connect to my server and transfer the files. ( V.4 i think)
I took out the laptops hard drive and used my usb to ide cable from Newegg, and plugged it into the server.
The server recognised the drive after like 5 minutes, but it didnt shiow up in My Computer.
I went into Disk Management in Computer Management and saw the drive on the bottom list, not the top one. I right clicked it and it asked if I wanted to mount it on the MBR as disk 4 so I agreed. It then said HAHA I won't read this and to read more about it in the event log. I couldn't find the event in event viewer.
I am downloading Backtrack and some other programs now that should be able to get my files to my server but they will take a day or 2, so my question is:
What happened?
and how do I get my files back? because I have a job interview tomorrow and the location of it is in an e-mail on my computer.
First off slow down. Domains are not something you just throw together. This is not a problem that isn't fixable you just need to be careful what you do in the mean time. You could make it unfixable.
1. Never use an external domain as an internal domain.
-mydomain.org is great for websites but causes conflicts when used for an internal network as well. You should have used mydomain.local or something along those lines. Use this link http://www.microsoft.com/technet/community/columns/profwin/pw0302.mspx it has all the necessary information linked to it including all of the best practices.
2. Although the netbios name and usernames were the same the schema was reset when it reinstalled the domain controller hence no computer account on the domain.
-Logging on as the local administrator should always work no matter what as long as you have the password. You do since you reset it. Thats all the program should have done is reset the password on the local admin account.
3. Logging in as the local admin will allow you to add/remove domains whether present or not. If you remove the computer from the old domain and then readd it the user folder should be reused and the settings and files should still be there. CAUTION *** THIS DOESN'T ALWAYS WORK *** CAUTION But since you need the information by tomorrow you might as well give it a try. Please see below before doing this.
-This will also allow you to access anything local on the hard drive. Including the user folder for the domain username you need the information from. If what you need is the email copy the email pst file or the set of files used by outlook express.
If you are using Outlook please open My Computer.
In the menu bar select Tools -> Folder Options.
On the View tab select "Show hidden files and folders" and press OK.
Open Local Disk C.
Open the Documents and Settings folder.
Open the folder named for the domain username you need the emails from.
Open the Local Settings folder.
Open the Application Data folder.
Open the Microsoft folder.
Open the Outlook folder.
Copy all the pst files to your local desktop for the admin account.
Import the pst files into the local admins Outlook profile.
Typically all you need is the pst named Outlook.
But in this case better safe and thorough than sorry.
If you are using Outlook Express please open My Computer.
In the menu bar select Tools -> Folder Options.
On the View tab select "Show hidden files and folders" and press OK.
Open Local Disk C.
Open the Documents and Settings folder.
Open the folder named for the domain username you need the emails from.
Open the Local Settings folder.
Open the Application Data folder.
Open the Identities folder.
Open the only folder that should be in there consisting of {#######} it's long and its always different. You may have multiple folders like this. Hopefully you only have one.
Open the Microsoft folder.
Open the Outlook Express folder.
Copy all the contents to your local admin folder using the same folder tree except instead of the domain username document and settings folder use the Administrator document and settings folder.
In either case this will get your email back or should get your email back.
You can also access your my documents folder and favorites from here. Heck you can even copy the desktop contents and start menu items.
If you can't login as the local admin reset the password using your reset tool again and follow those steps.
In any case you need to remove the laptop from the domain and readd it or use the network id wizard (which is what I recommend).
You can use this option by right clicking my computer and going to the Computer Name tab.
You should see two options Network ID and Change. If you want to do the old fashioned remove from domain to workgroup and readd to new domain use Change. If you want to reestablish a connection to the new domain use the Network ID option. This will allow you to renew the laptop on the domain. The quickest would be to copy the files above and figure out the rest later. The second quickest is to use the Network ID wizard and the third option always works but you may not use the same user folder which is exactly what you don't need right now. Hope that helps. Please post back with questions, concerns and the outcome.
1. Never use an external domain as an internal domain.
-mydomain.org is great for websites but causes conflicts when used for an internal network as well. You should have used mydomain.local or something along those lines. Use this link http://www.microsoft.com/technet/community/columns/profwin/pw0302.mspx it has all the necessary information linked to it including all of the best practices.
2. Although the netbios name and usernames were the same the schema was reset when it reinstalled the domain controller hence no computer account on the domain.
-Logging on as the local administrator should always work no matter what as long as you have the password. You do since you reset it. Thats all the program should have done is reset the password on the local admin account.
3. Logging in as the local admin will allow you to add/remove domains whether present or not. If you remove the computer from the old domain and then readd it the user folder should be reused and the settings and files should still be there. CAUTION *** THIS DOESN'T ALWAYS WORK *** CAUTION But since you need the information by tomorrow you might as well give it a try. Please see below before doing this.
-This will also allow you to access anything local on the hard drive. Including the user folder for the domain username you need the information from. If what you need is the email copy the email pst file or the set of files used by outlook express.
If you are using Outlook please open My Computer.
In the menu bar select Tools -> Folder Options.
On the View tab select "Show hidden files and folders" and press OK.
Open Local Disk C.
Open the Documents and Settings folder.
Open the folder named for the domain username you need the emails from.
Open the Local Settings folder.
Open the Application Data folder.
Open the Microsoft folder.
Open the Outlook folder.
Copy all the pst files to your local desktop for the admin account.
Import the pst files into the local admins Outlook profile.
Typically all you need is the pst named Outlook.
But in this case better safe and thorough than sorry.
If you are using Outlook Express please open My Computer.
In the menu bar select Tools -> Folder Options.
On the View tab select "Show hidden files and folders" and press OK.
Open Local Disk C.
Open the Documents and Settings folder.
Open the folder named for the domain username you need the emails from.
Open the Local Settings folder.
Open the Application Data folder.
Open the Identities folder.
Open the only folder that should be in there consisting of {#######} it's long and its always different. You may have multiple folders like this. Hopefully you only have one.
Open the Microsoft folder.
Open the Outlook Express folder.
Copy all the contents to your local admin folder using the same folder tree except instead of the domain username document and settings folder use the Administrator document and settings folder.
In either case this will get your email back or should get your email back.
You can also access your my documents folder and favorites from here. Heck you can even copy the desktop contents and start menu items.
If you can't login as the local admin reset the password using your reset tool again and follow those steps.
In any case you need to remove the laptop from the domain and readd it or use the network id wizard (which is what I recommend).
You can use this option by right clicking my computer and going to the Computer Name tab.
You should see two options Network ID and Change. If you want to do the old fashioned remove from domain to workgroup and readd to new domain use Change. If you want to reestablish a connection to the new domain use the Network ID option. This will allow you to renew the laptop on the domain. The quickest would be to copy the files above and figure out the rest later. The second quickest is to use the Network ID wizard and the third option always works but you may not use the same user folder which is exactly what you don't need right now. Hope that helps. Please post back with questions, concerns and the outcome.
Thought I would add that this should be a split points answer. I wasn't trying to hijack the answer from deadite, it just seemed better to give more information and explain better what happened. Sorry deadite, just trying to help.
ASKER
I tried my old administrative password, and others, with Administrator, and the thing I changed Administrator to in Policy.
I use thunderbird, and I have most of my emails backed up but probably not that one as I had a roaming profile.
Is it okay to use mydomain.org for the domain, if all the computers are on the internet? With Dynamic IPs?
Can I just pick an IP from the IP range our dorm uses, and set my server to that in the TCP/IP properties?
I will try that cd, The super cd I got which I wont name, sounds like about what you recomended, I put the cd in upside down (never done tht before) and now its working that I flipped it.
On a side note, I like it when 2 people say the same thing (not EXACTLY, but similar) because then I know it is good advice, I have seen some bad advice from people with few points, and I know what it is like to need points for the next month.
I was planning on removing all the viruses from my hard drive (Reformatting) and then joining the new domain.
I just move my files to my server, and delete the ones I dont need then reformat. ( I move the emails too of course)
Only problem with that server is is is 50 GB short of a terabyte.
I use thunderbird, and I have most of my emails backed up but probably not that one as I had a roaming profile.
Is it okay to use mydomain.org for the domain, if all the computers are on the internet? With Dynamic IPs?
Can I just pick an IP from the IP range our dorm uses, and set my server to that in the TCP/IP properties?
I will try that cd, The super cd I got which I wont name, sounds like about what you recomended, I put the cd in upside down (never done tht before) and now its working that I flipped it.
On a side note, I like it when 2 people say the same thing (not EXACTLY, but similar) because then I know it is good advice, I have seen some bad advice from people with few points, and I know what it is like to need points for the next month.
I was planning on removing all the viruses from my hard drive (Reformatting) and then joining the new domain.
I just move my files to my server, and delete the ones I dont need then reformat. ( I move the emails too of course)
Only problem with that server is is is 50 GB short of a terabyte.
ASKER
Update: I used a windows bootable live cd ERD, and it sees my hard drive and knows how big it is, but will not read it?
Is my drive broken?
Is my drive broken?
ASKER
Also, Windows still works, and the drive is set up as:
FAT partition for pagefile: 1.1GB
Main PArtition: ~55GB
Empty space: ~1.1GB
I was going to install xp pro on the empty space or pagefile, but it needs about 100 Meg more space and wont let me install.
FAT partition for pagefile: 1.1GB
Main PArtition: ~55GB
Empty space: ~1.1GB
I was going to install xp pro on the empty space or pagefile, but it needs about 100 Meg more space and wont let me install.
ASKER
Ok, Now my bios password isnt working right, I have typed it in 2x and then the 3x works, this has happened 3 or 4 times already.
ASKER
CRAP, I just went into bios and tried to remove the hard drive lock password, It had prompts for the old password, new password, and new password repeated.
When I typed in the old password, it came up with an error screen saying only
System Disabled
14534
Did I ruin my drive by trying to put it in my server?
When I typed in the old password, it came up with an error screen saying only
System Disabled
14534
Did I ruin my drive by trying to put it in my server?
Oh my, it's a wonder you made it this far. It's okay to use an external domain, it's just not recommended. Like I said it can cause conflicts, but that you can deal with as you come to it. You have a serious issue here however. Your bios password isn't functioning, your admin account is no longer admin, none of your passwords work...hmmm...sounds to me like its time either way to purchase a new laptop hard drive, since you have this one so fubar. I know thats not an answer but you should be able to boot from a knoppix disc copy the documents and settings folder and be good. Knoppix should not have any issues with the drive, you should update to the newest version its more stable and provide drivers and support for more things. Anything that boots from the cd should give you access to what you need. After that find out if your manufacturer has a way to hard reset the bios to default. Good luck!
There should be a battery in the laptop for the BIOS, and if you remove it for a minute, it will reset the BIOS. Then again, I've never done that on a laptop, so I have no idea if they do it different.
That is very odd that your laptop boots but ERD (Commander I assume) does not read the drive. This means that the file system should be fine since it boots, but since your other CD doesn't read it, seems like something is mor e likely to be up with that. I would try another offline utility CD... Knoppix or UBCD4Win should work.
That is very odd that your laptop boots but ERD (Commander I assume) does not read the drive. This means that the file system should be fine since it boots, but since your other CD doesn't read it, seems like something is mor e likely to be up with that. I would try another offline utility CD... Knoppix or UBCD4Win should work.
ASKER
I figured it out, the hard drive went kaput.
I am getting a free replacement from HP. (the lady just is sending one, they didn't even try to prove it wasent broken)
I lost all my data, and I dont think I can get it back without advanced recovery services that I cannot afford.
I am using the 5GB hard drive from my old laptop, and it works find but there is little space.
How should I set up my domain?
All I want is to be able to get to my file server from anywhere on the internet, and backup my profile to there when I log off, and install windows on my 2: $5 dual pIII 1.266ghz servers that have no cd or floppy drives but have PXE Boot.
I have 2 wireless routers, a 16 port switch, and a wireless bridge that may or may not work.
I have one computer that will be the domain controller, and dns server, and RIS server. The other server has files, vpn, mail ( dont use mail cause probably unreliable), wins, dhcp, and web on it. Wins and dhcp are for the "Internal" network that dosen't really exist anymore unless a vpn client is on it.
Currently I have my dynamic dns carrier assigning ftp, mail, www, and vpn .mydomain.org to the file, web, mail and vpn server and it assigns mydomain.org to my domain controller.
I am getting a free replacement from HP. (the lady just is sending one, they didn't even try to prove it wasent broken)
I lost all my data, and I dont think I can get it back without advanced recovery services that I cannot afford.
I am using the 5GB hard drive from my old laptop, and it works find but there is little space.
How should I set up my domain?
All I want is to be able to get to my file server from anywhere on the internet, and backup my profile to there when I log off, and install windows on my 2: $5 dual pIII 1.266ghz servers that have no cd or floppy drives but have PXE Boot.
I have 2 wireless routers, a 16 port switch, and a wireless bridge that may or may not work.
I have one computer that will be the domain controller, and dns server, and RIS server. The other server has files, vpn, mail ( dont use mail cause probably unreliable), wins, dhcp, and web on it. Wins and dhcp are for the "Internal" network that dosen't really exist anymore unless a vpn client is on it.
Currently I have my dynamic dns carrier assigning ftp, mail, www, and vpn .mydomain.org to the file, web, mail and vpn server and it assigns mydomain.org to my domain controller.
ASKER
The bios batteries in laptops are wierd and require more bravery than I have to get to and some are soldered into the motherboard.
This is a drive locak password so resetting is not easy, the bios and hard drive passwords have to match or the crive cannot be read.
Does anyone know the method for resetting the password on laptop drives?
Will you tell me?
Do you know how for a 60 GB Seagate Momentus 4200.2?
This is a drive locak password so resetting is not easy, the bios and hard drive passwords have to match or the crive cannot be read.
Does anyone know the method for resetting the password on laptop drives?
Will you tell me?
Do you know how for a 60 GB Seagate Momentus 4200.2?
ASKER
OK, I solved it on my own, by calling the tech support and finding a rare helpful person who wanted to get my computer working rather than get me off the phone.
It turns out the laptop is dead now, but the tech helped me recover my data.
I will still give points to anyone who tells me how to prevent this from happening again.
Please tell me where I went wrong in my plan.
My goals are:
to be able to log into any computer on my network and have my profile and all my programs automatically loaded upon login and backed up and schronized during log off.
I want to host multiple public and/or lan (lan being the dorm in this case) game servers on multiple machines.
I want to hoast one (more later) website using dynamic dns services to direct people to the servers dynaamic IP.
I want to be able to access everything the same way I do when on the network when I connect remotly through a VPN.
I want to have access to my file server from any part of the network.
I want to be able to print to my printer on the file server from anywhere on my network.
I want to be able to install windows on machines using the pre execution environment.
I want to have a single SQL server for my website and game servers and other stuff.
I want all this to be controllable through active directory.
I need to use as few IP's as possible becaue there are not too many extra ( there are like 900 residents and they have 10 bits for the host ID)
I need it to be secure enough so hackers and viruses would rather pick someone elses network.
How I try will do this:
I was thinking of setting up a free linux based firewall at my ethernet jack to protect my network from the rest of the dorm, any suggestions?
I was then going to have all the servers on a DMZ however I cannot assign IP addresses myself, and I need to let my ISP's DHCP server assign them addresses.
I would put the client(s) on a private IP range behind a router?
Do I need my own DNS server on the dmz and / or the lan?
Do I need 1 or 2 domain controllers total?, one on the lan and/or one the dmz?
Can the lan clients access file servers on the dmz?
The file/print/web and maybe vpn server will be on the dmz
How am I doing so far?
It turns out the laptop is dead now, but the tech helped me recover my data.
I will still give points to anyone who tells me how to prevent this from happening again.
Please tell me where I went wrong in my plan.
My goals are:
to be able to log into any computer on my network and have my profile and all my programs automatically loaded upon login and backed up and schronized during log off.
I want to host multiple public and/or lan (lan being the dorm in this case) game servers on multiple machines.
I want to hoast one (more later) website using dynamic dns services to direct people to the servers dynaamic IP.
I want to be able to access everything the same way I do when on the network when I connect remotly through a VPN.
I want to have access to my file server from any part of the network.
I want to be able to print to my printer on the file server from anywhere on my network.
I want to be able to install windows on machines using the pre execution environment.
I want to have a single SQL server for my website and game servers and other stuff.
I want all this to be controllable through active directory.
I need to use as few IP's as possible becaue there are not too many extra ( there are like 900 residents and they have 10 bits for the host ID)
I need it to be secure enough so hackers and viruses would rather pick someone elses network.
How I try will do this:
I was thinking of setting up a free linux based firewall at my ethernet jack to protect my network from the rest of the dorm, any suggestions?
I was then going to have all the servers on a DMZ however I cannot assign IP addresses myself, and I need to let my ISP's DHCP server assign them addresses.
I would put the client(s) on a private IP range behind a router?
Do I need my own DNS server on the dmz and / or the lan?
Do I need 1 or 2 domain controllers total?, one on the lan and/or one the dmz?
Can the lan clients access file servers on the dmz?
The file/print/web and maybe vpn server will be on the dmz
How am I doing so far?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
I agree, it is an extremly nice and well thought answer.
I usually leave room to add more points for answers like yours, I dont want to be giving out 500 points to people who answer in just one line and get lucky. (well, now that I have limited points)
Thanks for the weeks of answers and good luck on getting free Expert status.
I usually leave room to add more points for answers like yours, I dont want to be giving out 500 points to people who answer in just one line and get lucky. (well, now that I have limited points)
Thanks for the weeks of answers and good luck on getting free Expert status.
Another method, which is close to your knoppix method, is to use a BartPE CD like the Ultimate Boot CD for Windows. Basically, it is a slimmed down version of XP that runs on a CD. Download this at www.ubcd4win.com and then place the CD in your laptop. Boot from the CD, and you should be able to read and access your Drive with full access. Plug a USB flash drive into your laptop, which the UBCD4win will recognize. You can then copy your email database files from the hard drive to your flash drive. Here are where they are stored for outlook express:
C:\documents and settings\username\local settings\application data\identities\{randomstr
Plug your flash drive into a computer with windows, and open outlook express and import the email files. Likewise, you can do the same using outlook. The outlook data files are stored here:
C:\documents and settings\username\local settings\application data\Microsoft\outlook
Let's start trying to make some sense of what happened. You joined the laptop to your original domain and logged on using a domain account. This created a local profile of that domain account on the laptop. By default, windows will cache the last 10 logins. This is why you were able to login using the old password after you killed your domain. It sounds like you didn't rejoin the laptop to the new domain, this is why it wouldn't authenticate using the new username and password.