I've found a howto to enable local admin via recovery/regedit, and have
now enabled it.
I can leave and re-join the domain with no problem at all, BUT STILL
CAN'T LOG IN, even using the same account that I used to leave/join the
domain.
Hair long gone ):
Steve
On 21/05/13 15:06, Dewayne Geraghty wrote:
Oh dear! You're in a really bad place.
The PC can't join the domain. Therefore you can't use domain credentials. So
the domain is out of the picture. This has occurred
because the PC has changed its computer password and failed to notify the
server within its normal limits. So - forget the domain.
A local priv'ed account is your only option. But without that, or a local
Administrator password, you're really hosed. Its meant
to be this way...
Windows is good at one thing, making it really difficult to "own" a machine
when you don't have credentials. But not the data.
If you have critical information on the PC and it hasn't been encrypted, then
you should be able to extract it by taking the disk
out and inserting into a UNIX machine, or perhaps another Win PC.
I vaguely recall some Linux software that broke into the security db, about 12
years ago; but I expect MS has fixed that.
If I were at this point, I'd try to "repair" the machine and take the system
back to a known local account.
And when this is all over, don't forget to create a priv'ed account on all PC's
with a long complex password that is your ultimate
failsafe. (I do this with all customers, and I don't recall the number of
times that has been the ONLY solution.)
Good luck, let me know if you are able to repair the system, if you take that
course.
Kind regards, Dewayne
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba