Windows 7 login screen restrictions

I've recently taken over managing a number of Windows 7 workstations on a 2008 AD. One workstation displays only two (domain) user accounts as options for logging in. Local admin is not displayed. Both of the displayed domain accounts have been deleted. So, a disgruntled user has managed to lock out everyone. All Safe Mode options wind up at the same place. I would rather understand what's going on than simply rebuild it. No other admins around me has seen this.
Who is Participating?
johnb6767Connect With a Mentor Commented:
Sorry DH, don't wanna step on your toes there.....

If you cannot select to Change User...

You could apply some policies to get this back and logon with a Classic Logon screen, should be ok....

Understand and Configure the Welcome Screen and Classic Logon Screen
On the log on screen select change user. Then in the new log on window type .\administrator
This will log you on to the local machine if you have the correct Admin password.
From there you can right click My Computer and Manage. You should be able to open and change any accounts from there.
If they went in to gpedit.msc and made changes you can undo those as well.
Sounds like Cached logons. Local Admin is not enabled by default, and should NOT show there. And guessing you are forcing a Classic Logon Screen, as you aren't getting the standard Username/Password boxes.....

Can you not select Change User?
Worried about phishing attacks?

90% of attacks start with a phish. It’s critical that IT admins and MSSPs have the right security in place to protect their end users from these phishing attacks. Check out our latest feature brief for tips and tricks to keep your employees off a hackers line!

I didn't read that as he couldn't select Change User. If that is the case though then the .\ trick wouldn't work.
bdbuchananAuthor Commented:
Selecting 'Change User' only allows me to toggle between the two displayed accounts. The computer has an account in the domain, but I cannot manage it. I can ping the workstation and resolve the IP to the workstation name, but I cannot RDP to the workstation. Not sure if the previous user disabled RDP locally or what. So, I have no way of gettiing into this box.
In a pinch you can potentially use Petter Nordahl-Hagen's Offline NT Password & Registry Editor to both activate the built-in Administrator account and temporarily clear the password to gain access to the machine.

After you have burned that ISO to disc, boot up into the Linux environment to activate the admin account and reset your password.  I have been using this utility to help people with their forgotten Windows passwords for over ten years, and unless the hard drive has actually been encrypted it has worked every time. Here is a comprehensive tutorial on how to utilize it:

There are two important steps within that tutorial that warrant extra attention:

- When you reach the User Edit Menu stage of the process it's best to select "1" to Clear (blank) user password.  You can always change the password to something more secure after you successfully log into Windows with the blank password.

- When you reach Step FOUR: Writing back changes, you will be queried with About to write file(s) back! Do it? [n].  If you inadvertently pressed Enter on this screen the changes won’t go into effect.  You need to specifically type "y" first for the updates to be written to the operating system.
"Selecting 'Change User' only allows me to toggle between the two displayed accounts"

Are these Domain/Local accounts?
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.