Solved

Windows 2008 no administrator user problem

Posted on 2013-01-11
17
569 Views
Last Modified: 2016-11-23
Hope someone can help. Got two Dell Inspiron Laptops Windows 8 64bit.  Joined them to our company domain with a domain user who had admin rights to the laptops. Had not activated the administrator user yet when staff members took laptops into the field, changed from on our domain to WORKGROUP, must have deleted the domain user with admin privilages and now I'm stuck with one laptop where I can login as the one existing local user ( no admin rights but same password works as the network user) and the other laptop says incorrect password for the same user and no login possible.  I have tried everything including pulling the drive to look at it on another pc in hopes of using SAM and other files from the repair folder under system32 but there is no repair folder in Win 8.  
Can anyone tell me how I can at least get a user with admin rights on the laptop i can log into. All access is denied to all admin features for that one existing local user.
Thanks

In addition, forgot to say that on the laptop I can log onto when I try to run cmd as an administrator to be able to do net user administrator/  active:yes.... I get a screen that says
User account control
Do you want to make changes....
To continue, type an administrator password, and then click Yes, however there is no field to type a password and Yes is grayed out.
0
Comment
Question by:Mike-LFC
  • 9
  • 5
  • 2
  • +1
17 Comments
 
LVL 53

Expert Comment

by:McKnife
ID: 38768333
Hi.

For ages, there's this password reset bootable CD: http://pogostick.net/~pnh/ntpasswd/
Works with 8, can blank the admin password AND activate (="unlock") the account, yes, all possible.

This normally cannot happen to you unless you remove the domain membership. No one on that laptop could have unjoined it from the domain unless he had local admin rights, by the way.
0
 
LVL 13

Expert Comment

by:Gabriel Clifton
ID: 38768441
you can try the McKnife post and you can try from a remote computer that has admin privileges and psexec

net user administrator /active:yes
net user administrator new-password
0
 

Author Comment

by:Mike-LFC
ID: 38768453
I tried this option on the laptop that that I cannot log into.  Had to change to Legacy in Bios to make it boot to the CD but pogostick did not recognize any partitions. You get your usual options for
boot nodrivers
boot nousb
boot irgpoll
boot vga-ask

I did not select anything and then it loads itself giving me:
Step one: select disk whre the windows install is

Disks:
Disk /dev/sda 500.1 GB
Candidate windows partitions found:

Please select partition by number or
q=quit
d=automatically start disk drivers
m=manually start drivers
f=fetch additional drivers from usb.
a=show all partitions found
l-show probable windows ntfs partitions only
Select: [1]

Please advise what to do from here. Pressing ENTER all the way through as they suggest leaves me at the choices prompt above.  It says that there is a registry editor - could I just use that to activate the administrator user?

Thanks, Mike
0
 

Author Comment

by:Mike-LFC
ID: 38768466
Hi PantherTech,
Remote access was not yet enabled on these laptops. :(
0
 
LVL 13

Expert Comment

by:Gabriel Clifton
ID: 38768469
for most of that program you can default your way through (press enter) which in this case is l-show probable windows ntfs partitions only. then you can modify administrator and the only thing you need to remember is something about write data back you enter y.
0
 

Author Comment

by:Mike-LFC
ID: 38768521
Entering L does nothing - only brings me back to those selections.
Entering d for automatic said
Loading ahci
Driver load done, if none loaded try manual instead.
Still no partitions when pressing L
Should I change from ahci to ata in bios?
0
 

Author Comment

by:Mike-LFC
ID: 38768532
Ok when I changed to ata I get my choices and
Select: [1] usb 2-1.5: new full speed usb device using ehci_hcd and address 3
0
 
LVL 8

Expert Comment

by:lancecurwensville
ID: 38768675
You may have already tried but since your post did not explicitly state....
Rejoin to your domain.  Log on as domain admin,  create a new local user under management.   I belive you can join to a domain with limited local rights,  but I cant verify at my current location
0
Integrate social media with email signatures

Is your company active on social media? Do you also use email signatures? Including social media icons in your email signature is a great way to get fans for free. Let all your email users know you’re on social media quickly and easily, in a single click.

 

Author Comment

by:Mike-LFC
ID: 38768752
cannot change settings and re-join domain without admin privileges
0
 
LVL 53

Expert Comment

by:McKnife
ID: 38770207
Oh yes, you may join the domain without admin rights, any user may join up to 10 stations unless the domain admin hasn't changed that - unjoining however cannot be done without.

So if you fail with the bootdisk (maybe the disk is encrypted and therefore no "candidate windows partition" can be found?), and you want to try rejoining it, have your domain admin delete the computer account from the domain, otherwise you would indeed need domain admin rights to rejoin it because that would mean overwriting the old computer account.

"It says that there is a registry editor - could I just use that to activate the administrator user? " - no.
0
 

Author Comment

by:Mike-LFC
ID: 38772009
Hi McKnife,
I won't have access to those laptops again until tomorrow but I wanted to comment on what you wrote about rejoining the domain.  As I mentioned he single existing user that I login as has no admin rights. When I go to "my computer" properties and see that I am now on Workgroup instead of my domain there is of course the selection to the right for making changes that would usually allow me to enter the domain name, administrator of domain and password. Problem is that when I click on that selection to "make changes" I get a box that says "To continue, type an administrator password, and then click Yes", however there is no field to type a password and Yes is grayed out. Is there any other way to rejoin the domain? Those laptop accounts still exist on the server domain. If only I had enable the admin user on the laptops or enabled remote access before all was lost.  I even get access denied if I try to go to local security policy or the system32 folder with the SAM file to replace it with another from cmd prompt. :( When I run on the laptop it also goes right to Eenter the password for the one existing use with no option to login as another.  Whats up with Windows 8?
0
 
LVL 53

Expert Comment

by:McKnife
ID: 38773518
It's not win8's fault.

Did you ever enable user accounts by deleting/exchanging the SAM? I don't think so.
Let's go one step back: The normal and easy way is the bboot disk - yours does not seem to find your windows installation, that's what we got to fix and were good to go.
So please (2nd try) answer if the drive is encrypted. if it ain't, there will be a way to use the bootdisk.
0
 

Author Comment

by:Mike-LFC
ID: 38776117
Hi McKnife,
The drive is straight from Dell so I do not believe it is encrypted.  The http://pogostick.net/~pnh/ntpasswd/ program does not find any partitions. I just don't know what to do next.  Like I said I did need to change from  drive to Legacy in the bios in order to get the laptop to boot the pogostick cd. Please excuse if I am missing something or not understanding something obvious that  you are trying to explain to me. I am denied access to the system32 folder with the SAM file.
0
 
LVL 53

Expert Comment

by:McKnife
ID: 38776150
It's odd that no win partition was found, because the boot disk found you hdd as it stated it's a 500GB one, or isn't it? I would take out the disk and connect it to a different machine and retry with the boot cd. I have used this bootdisk at least 50 times and never ever no partition was found. However, if the boot dvd has a problem with your hard drive controller, it won't find anything, but logically it wouldn't be able to state 500GB.

Retry on another machine.
0
 

Accepted Solution

by:
Mike-LFC earned 0 total points
ID: 38776431
I used a program for $49 called active password changer, booted to the disk, saw the partition, enabled the administrator and cleared the password. Booted just fine and entered new admin password.
0
 
LVL 53

Expert Comment

by:McKnife
ID: 38776446
Glad you made it!
0
 

Author Closing Comment

by:Mike-LFC
ID: 38809146
I found software myself that solved my user account problem.
0

Featured Post

The curse of the end user strikes again      

You’ve updated all your end user’s email signatures. Hooray! But guess what? They’re playing around with the HTML, adding stupid taglines and ruining the imagery. Find out how you can save your signatures from end users today.

Join & Write a Comment

This is an article about Leadership and accepting and adapting to new challenges. It focuses mostly on upgrading to Windows 10.
The recent Microsoft changes on update philosophy for Windows pre-10 and their impact on existing WSUS implementations.
In this Micro Tutorial viewers will learn how to use Boot Corrector from Paragon Rescue Kit Free to identify and fix the boot problems of Windows 7/8/2012R2 etc. As an example is used Windows 2012R2 which lost its active partition flag (often happen…
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…

759 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

22 Experts available now in Live!

Get 1:1 Help Now