Logging on to a Problem Machine

I have a Windows 2000 machine that won't allow the user to log on. When we try to log on with a domain account, we see a message that the computer name isn't recognized by the domain. We don't know the local administrator's password, so we can't log on as the administrator. Is there a way to bypass the logon screen?

There's no way to bypass the logon screen native to Windows--even if you use the recovery console, you'll need the appropriate password. However, I can recommend two things to try. First, disconnect the computer from the network and attempt to log on with a domain account that has logged on in the past. Windows should use the cached credentials because the machine isn't on the network. After you're logged on, you can further diagnose the problem--you'll probably need to delete the computer's domain account and rejoin the computer to the domain. If logging on with cached credentials doesn't work, you'll have to take the more drastic measure of resetting the local administrator's password.

One way to reset the password is to boot up DOS with a floppy disk, load Sysinternals' free Ntfsdos utility (available at http://www.sysinternals.com), then delete the SAM file, which you'll typically find in C:\winnt\system32\config. After deleting the SAM file, reboot. Windows will replace the SAM file with a default SAM file that contains only Administrator and Guest. The Administrator password will be blank. Be aware that this method destroys any local users and guests as well as user-right assignments, account policy, and audit policy.

If you don't want to destroy the SAM, you can try using the Ntpasswd utility to reset the password. Ntpasswd, written by Peter Nordhal, is available at http://home.eunet.no/~pnordahl/ntpasswd. When you boot with a floppy disk that contains Ntpasswd, it loads a small version of Linux, then a custom program displays Administrator and the local users in the SAM. After you select the desired user, Ntpasswd lets you enter a new password. Exit Ntpasswd, reboot, and you can log on as the user using the new password. These utilities usually work, but they use methods unsupported by Microsoft and should be used only as a last resort.

TAGS: Security
Hide comments

Comments

  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
Publish