Solved

Windows 7 Password recovery and OS mirrored drives

Posted on 2014-11-29
12
190 Views
Last Modified: 2014-12-05
A new client called today and asked if I could recover there password on a Win 7 machine with mirrored drives on a workgroup.  The last tech they called tried to use a Password Recovery tool but it did not work.  He told them it was because the drives where mirrored.  If I use the "Sticky Key" solution or tried copying cmd.exe to another program using Ubuntu or a Windows PE disk do I run the risk of data corruption?
0
Comment
Question by:genusys
12 Comments
 
LVL 93

Expert Comment

by:John Hurst
ID: 40471794
If they forgot the password and if the admin account remains enabled as it should be, then you cannot recover it with Windows itself.

Some people have had success with PogoStick but I have not tried it myself.

http://pogostick.net/~pnh/ntpasswd/
0
 
LVL 11

Assisted Solution

by:andreas
andreas earned 240 total points
ID: 40471805
The pogostick / pnordahl thing is worth a try. According to the changelog they support dynamic disks and disk mirroring at least in some cases.

You should make a backup of the machine beforehand in case it goes wrong and cause data corruption.

If it fails with drives mirrored you might try to remove one disk (simulate failure) and the ntry tu run the pogostick tool again on the broken mirror. then try to boot your windows and see if it was successful. if yes, blank out the removed disk, e.g. with linux, then re add to the windows machine and re mirror again.
0
 

Author Comment

by:genusys
ID: 40471840
Thank you for the advise. I am supposed to be at the client on Tuesday. I will update everyone after. I will also download Pogostick and play around with it before I go. I too, was thinking about removing one disk and acting as if there was a disk failure.  Then I could use either Pogostick or windows repair + copy cmd.exe to easy access or stickykeys to fix it.
0
Backup Your Microsoft Windows Server®

Backup all your Microsoft Windows Server – on-premises, in remote locations, in private and hybrid clouds. Your entire Windows Server will be backed up in one easy step with patented, block-level disk imaging. We achieve RTOs (recovery time objectives) as low as 15 seconds.

 
LVL 24

Expert Comment

by:VB ITS
ID: 40472032
If the default local Administrator account was never used or modified then you can also try booting up the machine in Safe Mode as this will enable the account. The password is blank by default.
0
 

Author Comment

by:genusys
ID: 40472065
I will try that as well. Thank you
0
 
LVL 92

Expert Comment

by:nobus
ID: 40472289
0
 
LVL 54

Accepted Solution

by:
McKnife earned 260 total points
ID: 40472409
Some important notes:
Under normal circumstances, "pogostick utility" always works. I have never seen a single case where it didn't. But: if you have software mirrored drives (dynamic disks), then there might be a small chance that it will fail. The documentation mentions dynamic disk support since 2008 but it is unclear if it works flawless. Worth a try anyway.
The "sticky key method" you mention - what should that be, the utilman.exe, you mean? That always works. And would be my second best option.
Then finally a comment on safe mode: no, safe mode does not activate ANY account. The difference is simply that on safe mode of win xp, the local admin account is being displayed on the logon screen, but it won't activate. If it is deactivated before, it still won't display.
0
 

Author Comment

by:genusys
ID: 40472534
My Sticky Key/Utilman/Magnifyer are the same thing.  I've used it before with success.Thanks for the info on Pogostick.
0
 
LVL 6

Expert Comment

by:Rob G
ID: 40474198
I used/use KonBoot which works fine with most versions of windows, though it will not display the previous password, it will allow you to login as an admin and change the previous password to something else, so that you can log into the system.

I believe the x86 version.. windows Xp and prior is free, while the x64 version vista and newer is a paid version.

I would look into that.. It does work, and is a great tool for any office admin..
0
 

Author Comment

by:genusys
ID: 40482689
Went to the client yesterday. Windows repair would not boot to Advanced Repair options. Pogostick could not load it's kernal. Both options where tried with a USB and CD.  Told client they need to rebuild the PC. Managed to get a data backup using a Ubuntu distro. Thanks to all for their help.
0
 
LVL 54

Expert Comment

by:McKnife
ID: 40482694
Ok, for the next time: "utilman.exe" is the most reliable method and it can be used right awy from any setup (win7/8.x).
0
 

Author Closing Comment

by:genusys
ID: 40482698
Went to the client yesterday. Windows repair would not boot to Advanced Repair options. Pogostick could not load it's kernal. Both options where tried with a USB and CD.  Told client they need to rebuild the PC. Managed to get a data backup using a Ubuntu distro. Thanks to all for their help.  Clearly there was an underlying issue. Rather than waste client $'s futzing around a rebuild of what is essentially a data store makes the most sense.
0

Featured Post

Gigs: Get Your Project Delivered by an Expert

Select from freelancers specializing in everything from database administration to programming, who have proven themselves as experts in their field. Hire the best, collaborate easily, pay securely and get projects done right.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Worried about if Apple can protect your documents, photos, and everything else that gets stored in iCloud? Read on to find out what Apple really uses to make things secure.
On Beyond Tools A conversation I recently had with the DevOps manager of a major online retailer really made me think about DevOps monitoring tools (https://www.onpage.com/devops-incident-management-tool/). The manager and I discussed how sever…
This video Micro Tutorial explains how to clone a hard drive using a commercial software product for Windows systems called Casper from Future Systems Solutions (FSS). Cloning makes an exact, complete copy of one hard disk drive (HDD) onto another d…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

786 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question