How Administrator can unlock computer?
At our company we use Windows 7. Now, when a computer is locked ,we cannot unlock this computer with an administrator account. The last thing I remembered, we disabled Fast user Switching via group policy.
In Windows XP, when a computer is locked, you see the message:
This computer is in use and has been locked
only DOMAIN\user or an administrator can unlock this computer
Is there a way to to this in Windows 7?
In Windows XP, when a computer is locked, you see the message:
This computer is in use and has been locked
only DOMAIN\user or an administrator can unlock this computer
Is there a way to to this in Windows 7?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Hang on... doesn't your Win7 box show the same message "This computer is in use and has been locked..."
or... are you saying that it does display the message, and that it doesn't work when you try it
or... are you saying that it does display the message, and that it doesn't work when you try it
ASKER
No, in fact, it just shows that this system is locked by this user but there is no way to edit username or administrator can unlock that system. It is weird indeed...
... and you don't have the "Switch User" button below?
A1opus--And none of the suggestions in my earlier post helped?
ASKER
Graye:
As I told earlier, our Windows machines are in Domain environment and we have disabled Fast Switching...
@jcimaroon:
No, none of above link helped me... and how many times will I use remote desktop to unlock the machines? I need permanent solution or guide...
As I told earlier, our Windows machines are in Domain environment and we have disabled Fast Switching...
@jcimaroon:
No, none of above link helped me... and how many times will I use remote desktop to unlock the machines? I need permanent solution or guide...
but the remote desktop does work for you as well then ?
Thats the only method Ive found that works for us...
Thats the only method Ive found that works for us...
ASKER
Lets suppose I am in computer and found couple of locked machines; what should I do? should login to another machine and remote desktop that machine to unlock it? Well, it is good for couple of times but it is not the solution. I know, there are some workarounds but I need solution.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Here is what I can do on my Windows 7 machine.
First, go to Start -> Run -> control userpasswords2 . In Advanced, check "Require Users to press Ctrl Alt Del"
Now, when I lock the Windows 7 machine, at first it appears only I can unlock it. But there is a Cancel button below. Press Cancel and a userid screen comes up. From here you can switch users.
... Thinkpads_User
First, go to Start -> Run -> control userpasswords2 . In Advanced, check "Require Users to press Ctrl Alt Del"
Now, when I lock the Windows 7 machine, at first it appears only I can unlock it. But there is a Cancel button below. Press Cancel and a userid screen comes up. From here you can switch users.
... Thinkpads_User
ASKER
As I mentioned earlier. We have disabled user Switching via Group Policy......
If your policy overrides using Ctrl-Alt-Del, then it would look like you are out of luck. I disabled fast User Switching on my own machine (but not by Group Policy), and what I supplied works on my machine.
... Thinkpads_User
... Thinkpads_User
The GPO prevents the "double Ctrl-Alt-Del" keypress that was so useful in XP so suspect blocks this in control userpasswords2 as well :(
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Any access via safemode in an administrator account?
In there you could change the password on the locked out systems?
In there you could change the password on the locked out systems?
ASKER
In fact, I am not seeking solution for any special case. What if I go in one of our labs and there are couple of machines locked by users, so what will I do? Should I login to any machine and remote in those locked machines one by one.... It is pathetic... It's a workaround indeed... I need solution.... There should be an option to unlock machine by administrator's password as it was in XP.
psshutdown allows for a list of PCs (given manually or as a file). If you really have that lot of PCs you need to log in as another user you can implement a batch file checking all known PCs (or a group, or whatever you like) for the logged in user, and log it off if it isn't the Admin.
The only other suggestion I can give is to reboot the machine. That is pathetic, too, but works.
The only other suggestion I can give is to reboot the machine. That is pathetic, too, but works.
In my humble opinion..
Seems to me the problem here is the users can create their own password so even an administrator cannot have access there, this then may not be a windows problem.
Windows 7 and windows Vista all have what is called a hidden administrator account have you tried logging in as that?
Most large companies, like my work place have this same scenerio where every department logs into the server in their own section.... all users have their own account/ password but to their own accounts on the server system.
No other user can access it but an administrator has access all the departments> accounts from the server side. Main System.
Are these systems windows Home basic?
You could disable the UAC
http://www.howtogeek.com/howto/windows-vista/disable-user-account-control-uac-the-easy-way-on-windows-vista/
Otherwise
You'll have to ask the users declare the passwords for the administrator only.
Seems a commonsense thing to do.
Can't offer anything else sorry but to read another with a similar problem
Computer Locked / Loss Of Authority Of Administration Account
http://windows.bigresource.com/Win7-computer-locked-loss-of-authority-of-Administration-Account-AEHkwFj1.html#8oULdaLZ
Hope you find a solution to this annoying problem.
Regards Merete
Seems to me the problem here is the users can create their own password so even an administrator cannot have access there, this then may not be a windows problem.
Windows 7 and windows Vista all have what is called a hidden administrator account have you tried logging in as that?
Most large companies, like my work place have this same scenerio where every department logs into the server in their own section.... all users have their own account/ password but to their own accounts on the server system.
No other user can access it but an administrator has access all the departments> accounts from the server side. Main System.
Are these systems windows Home basic?
You could disable the UAC
http://www.howtogeek.com/howto/windows-vista/disable-user-account-control-uac-the-easy-way-on-windows-vista/
Otherwise
You'll have to ask the users declare the passwords for the administrator only.
Seems a commonsense thing to do.
Can't offer anything else sorry but to read another with a similar problem
Computer Locked / Loss Of Authority Of Administration Account
http://windows.bigresource.com/Win7-computer-locked-loss-of-authority-of-Administration-Account-AEHkwFj1.html#8oULdaLZ
Hope you find a solution to this annoying problem.
Regards Merete
ASKER
Merete:
This is not the case at all. Suppose you are a student of any university and use labs as well. You locked your machine before leaving lab and forget next day to unlock it. Now when other user will try to unlock it, she couldn't because there is no option at all, if that user go to IT helpdesk, even administrator cannot unlock that machine because you can edit username but only password. Do you remember, how it used to work in XP. Administrator can change the username.
This is not the case at all. Suppose you are a student of any university and use labs as well. You locked your machine before leaving lab and forget next day to unlock it. Now when other user will try to unlock it, she couldn't because there is no option at all, if that user go to IT helpdesk, even administrator cannot unlock that machine because you can edit username but only password. Do you remember, how it used to work in XP. Administrator can change the username.
Patient: Doctor, doctor... it hurts when I raise my arm.
Doctor: Then don't raise your arm!
It certainly looks like you just need to change the GPO to allow Fast User Switching. Then everything wll work just like you'd expect. I mean, you've turned the feature off, and are now complaining that you don't have that feature anymore.
Doctor: Then don't raise your arm!
It certainly looks like you just need to change the GPO to allow Fast User Switching. Then everything wll work just like you'd expect. I mean, you've turned the feature off, and are now complaining that you don't have that feature anymore.
ASKER
Ha ha ha ... Very funny.... Try it again ....
If I disable fast user switching, it is obvious, we don't want it ...
In XP era, when administrator used to unlock the machine, it wasn't user switching... It automatically logs off the current user. So there must be any solution in Windows 7 as well, thats why I opened a question here....
If I disable fast user switching, it is obvious, we don't want it ...
In XP era, when administrator used to unlock the machine, it wasn't user switching... It automatically logs off the current user. So there must be any solution in Windows 7 as well, thats why I opened a question here....
Oh dear seems we have hit a stalemate,
The problem here as I see it
because there is more than one user account on the system that's made it very dificult to bypass any password locked system., if there had been only one then you could get in. You may have experienced this in xp as well.
I think there is no solution here because there is more than one account.
And all administrators?
I was under the impression these are workstations not shared systems.
Any chance you can get that user back to unlock the system? :P
Is the account expired?
Windows 7 is pretty secure but there is hacks, I do hate the word but since we can't post links to these types things, I'm sure you understand.
I can offer you the name KON-BOOT to google for, it's a dangerous thing in the wrong hands.
KON-BOOT sneeks into Windows and linux kernel on the fly while booting,
It allows users to bypass logon passwords completely by simply booting via the KON-BOOT CD or Floppy disk, in its current incarnation the software has been tested to bypass logon passwords on Windows 7, Windows Vista, Windows XP, Windows Server 2003 /2008, Gentoo, Ubuntu, Debian and Fedora.
Just follow the simple steps ahead to create KON-BOOT bootable CD or Floppy and bypass logon passwords.
The problem here as I see it
because there is more than one user account on the system that's made it very dificult to bypass any password locked system., if there had been only one then you could get in. You may have experienced this in xp as well.
I think there is no solution here because there is more than one account.
And all administrators?
I was under the impression these are workstations not shared systems.
Any chance you can get that user back to unlock the system? :P
Is the account expired?
Windows 7 is pretty secure but there is hacks, I do hate the word but since we can't post links to these types things, I'm sure you understand.
I can offer you the name KON-BOOT to google for, it's a dangerous thing in the wrong hands.
KON-BOOT sneeks into Windows and linux kernel on the fly while booting,
It allows users to bypass logon passwords completely by simply booting via the KON-BOOT CD or Floppy disk, in its current incarnation the software has been tested to bypass logon passwords on Windows 7, Windows Vista, Windows XP, Windows Server 2003 /2008, Gentoo, Ubuntu, Debian and Fedora.
Just follow the simple steps ahead to create KON-BOOT bootable CD or Floppy and bypass logon passwords.
ASKER
No dear... My question is not that much confusing, I think... it's a domain machine..... It is obvious that many users use to login on it...... In Windows 7 there is Fast User Switching... If it is enabled, any user can logon while other is already logged in. But we have disabled the Fast user switching.. So therefore now there is no switch option but there is no option to change or edit user as well like XP... So now, administrator or anyother user cannot unlock that machine except the logged in user...
I hope, now confusion should be cleared away...
I hope, now confusion should be cleared away...
Which bit of my first post wasn't clear?
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
A workaround would be to allow for Fast User Switching, but check on login if another interactive user is logged in already - and rejecting it, but for the Admin. Not what you want, but the best approach if you can't get the "override login" procedure.
ASKER
is there any way to check any other interactive logged on user?
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Please delete this question. I didn't find any systematic solution. I appreciate everyone's help but unfortunately, all are the workarounds indeed.
I'm sorry, but "You can't do that" is a valid answer, and has been posted many times here now (by other experts). Either you accept that you can't do it at all with your setup, or you accept that you need to use a workaround, like RDP or switching on Fast User Switch and refusing parallel login as in my script.
Suggest even split:
http:#32957093 Author:PsychoFelix
http:#33082370 Author:MASQUERAID
http:#33082428 Author:Qlemo
http:#33100470 Author:graye
http:#33104316 Author:Qlemo
Qlemo double share because of the useful script.
http:#32957093 Author:PsychoFelix
http:#33082370 Author:MASQUERAID
http:#33082428 Author:Qlemo
http:#33100470 Author:graye
http:#33104316 Author:Qlemo
Qlemo double share because of the useful script.
http://www.sevenforums.com/general-discussion/76482-unlocking-computer-prompt-user-selection.html
http://windows7forums.com/windows-7-programming-scripting/4383-unlock-supersecret-administrator-account-vista-windows-7-a.html
http://www.sevenforums.com/general-discussion/75176-unlock-computer-when-switch-user-turned-off.html
-----------------
This is probably not applicable to Win7, but may have some ideas
http://support.microsoft.com/kb/242917