| |||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
Hello and welcome to CertForums.co.uk, here we host free active certification forums with links to the best free resources for Microsoft's MCSA MCSE MCDBA Cisco's CCNA CCDA and CCNP, and CompTIA's A+ Network+ i-NET+ and Security+ certifications in the UK. If you wish to post or use other advanced features you will need to register first. Registration is absolutely free and takes only a few minutes to complete so sign up today! If you have any problems with the registration process or your account login, please contact support |
|
|||||||
| Home | Forums | Community | Register | Search | Today's Posts | Mark Forums Read |
|
|
|
Vista Local/Domain Security Issue |
  |
|
|
Thread Tools | Display Modes |
|
#1
08-May-2008, 01:46 PM
|
||||
|
||||
Vista Local/Domain Security Issue
Here's one issue id like help with
A friend of mine has a laptop that comes with Vista Business 32bit, it's all up to date including SP1, it has just one user on it, example for this is bob who is also a local administrator Now they have added the laptop to the 2003 domain and bob also has an account on the domain, same username and password. on joining the domain the local administrator account is disabled. Now for whatever reason, they needed to take this laptop off the domain, which was fine, until the laptop restarted and they logged on as bob (local account) Bobs local account is now only a guest user, so he cannot do anything on the laptop, cannot open control panel items, the manage computer section, add it to the domain and so on. Also when trying to access these things, UAC kicks in saying you need to enter an administrator password before the ok box will no longer be grey, however the UAC message does not have a box to enter said password. So apart from formatting the laptop and starting again, is there anyway to get into this laptop as the local administrator account is still disabled even though its no longer on the domain? Thanks Andy
|
|
|
|
#4
08-May-2008, 04:40 PM
|
||||
|
||||
|
The built in administrators account is disabled and I believe this is done automatically when you join Vista to a domain, however when you remove it from the domain, it does not enable the local administrator account.
So at the moment the only account active is Bob with his guest rights... And we have no means to be able to re enable the local administrator account. Looks like a rebuild then. Edit seems to be a bug and local administrator account is disabled by default in vista http://forums.microsoft.com/TechNet/...5241&SiteID=17
|
|
#5
08-May-2008, 05:29 PM
|
||||||
|
||||||
|
Quote:
1. Boot into Safe Mode 2. Go to Start > Run. Type ‘control userpasswords2’ 3. Go to the Advanced tab 4. Click the Advanced button in Advanced user management 5. Go in to the Users container 6. Right click the Administrator account, select Properties 7. Uncheck the Account is Disabled box. 8. Save your changes. 9. Reboot the PC. 10. Type Administrator as the username and log in with your password. 11. Send me £20. A+, Network+, MCP, MCSA 2003, (70-270, 70-290, 70-291, 70-293). Microsoft Course 2576. CPU: C2D E6600 @ 2.8 Ghz HSF: Zalman CNPS9500A-LED Mobo: Asus P5K Premium-Black Pearl Ram: Corsair XMS2 2x1GB DDR2-675MHz GPU: Asus EN8600GT DX10 HD: OS = 1xWD1600YS HD: Data = 3xWD1600JS RAID5 PSU: Hiper Type-R 530W Case: Thermaltake VC3000BWS Display: Samsung SyncMaster 2232BW
|
|
#6
08-May-2008, 09:15 PM
|
|||||
|
|||||
|
Do you have group policy configured on the domain for the PCs\Laptops? It sounds like you may have a policy in place that disables the local admin account and also changes the membership of the local administrators group.
Are you able to run system restore with just user rights? If you restore to a point before you took it off the domain it *should* put it back on and you might be able to logon with a cached domain admin account. Long shot though!  "What's the difference of supporting desktops in a work group environment vs in domain environment? really? It's all the same..." ~Anon
|
|
#7
09-May-2008, 04:31 AM
|
|||||
|
|||||
|
http://support.microsoft.com/kb/942956
has some good info Crito Philippatos MCSE and MCSA on Windows Server 2003, MCTS on SQL Server 2005, MCDBA on SQL Server 2000, A+, Network+, Linux+, Security+, CEH JOIN the IT workers' union (U.S.A. only, sorry): http://washtech.org/
|
|
#8
09-May-2008, 08:29 AM
|
||||
|
||||
|
no policy's in place and as per that last article, it states that on a new install (which was done by the manufacturer) that the administrator account is disabled by default so we cannot log on in safe mode other than the existing user who has no rights.
Unable to run the userpasswords2 as it requires elevated privileges of which the current user does not have being a guest. Good suggestions though Thanks Andy
|
|
#9
09-May-2008, 01:31 PM
|
|||||
|
|||||
|
I'm surprised bob's local account got messed up by the domain account. But in all fairness, I think Vista's default of disabling the local admin account is better than XP's default of leaving it enabled with a blank password.
 Crito Philippatos MCSE and MCSA on Windows Server 2003, MCTS on SQL Server 2005, MCDBA on SQL Server 2000, A+, Network+, Linux+, Security+, CEH JOIN the IT workers' union (U.S.A. only, sorry): http://washtech.org/
|
Spread this thread:
|
|
|
|
||||||
«
Previous Thread
|
Next Thread
»
| Thread Tools | |
| Display Modes | |
Linear Mode
|
|
Similar Threads
|
||||
| Thread | Thread Starter | Forum | Replies | Last Post |
| Security Issue? | nXPLOSi | Security & Viruses | 7 | 27-Mar-2008 01:41 PM |
| Network Security Assessment, 2nd Edition | tripwire45 | Reviews | 2 | 21-Dec-2007 06:06 PM |
| Starting a Career in Cyber Security | tripwire45 | News | 1 | 08-Nov-2007 04:26 PM |
| Windows Vista Security Guide | Mitzs | Security & Viruses | 0 | 05-Feb-2007 01:25 AM |
All times are GMT. The time now is 04:30 AM.