Locked out of Windows 7

Pneuma

New member
Local time
10:22 PM
Messages
5
Very frustrated! I just unpacked a new PC here at work and begun setting it up. I neglected to set a password for the default Administrator account and proceeded with the setup. Once I was at the desktop I connected the computer to the domain. At that point I logged off, switched over to my account on the domain. I started installing the programs which the employee required to do her job but because of the heightened security in Windows 7 I was not able to run any files as administrator. When I did try it said the Administrator account was disabled. I logged off my account and tried to log back into the Admin account and sure enough it's disabled.

I've done searches in this forum and found similar problems but not quite like the one I am facing in that I never created a second account. So the only account that exists on this PC is the default administrator account which is locked out. I tried booting into safe mode and it still said the account was disabled. How can I resolve this issue?

If I were to get someone with domain admin privileges would they be able to create a secondary admin account? I can't proceed with the installation of this computer at this point.

Please advise.
 

My Computer My Computer

At a glance

Windows 7
OS
Windows 7
If the box has been added to a domain, then by default in the local administrators group on the Windows 7 PC, the domain admins group should be listed. Thus, anybody with domain admin rights on the network, should in effect be able to log into this machine.
 

My Computer My Computer

At a glance

Windows 7 Ultimate x64Intel Q9550 2.83Ghz OC'd to 3.40Ghz8GB G.Skill PI DDR2-800, 4-4-4-12 timingsEVGA 1280MB Nvidia GeForce GTX570
Computer Manufacturer/Model Number
Self-Built in July 2009
OS
Windows 7 Ultimate x64
CPU
Intel Q9550 2.83Ghz OC'd to 3.40Ghz
Motherboard
Gigabyte GA-EP45-UD3R rev. 1.1, F12 BIOS
Memory
8GB G.Skill PI DDR2-800, 4-4-4-12 timings
Graphics Card(s)
EVGA 1280MB Nvidia GeForce GTX570
Sound Card
Realtek ALC899A 8 channel onboard audio
Monitor(s) Displays
23" Acer x233H
Screen Resolution
1920x1080
Hard Drives
Intel X25-M 80GB Gen 2 SSD
Western Digital 1TB Caviar Black, 32MB cache. WD1001FALS
PSU
Corsair 620HX modular
Case
Antec P182
Cooling
stock
Keyboard
ABS M1 Mechanical
Mouse
Logitech G9 Laser Mouse
Internet Speed
15/2 cable modem
Other Info
Windows and Linux enthusiast. Logitech G35 Headset.
If the above method doesn't work, you can always backdoor it. It takes a while and is sort of a caveman method, but this will explain how to do it. I hope I don't get in trouble for posting this.


1) Get one of THESE.

2) Remove the hard drive from the computer and hook it up to your USB.

3) Go into the drive and navigate to C:\Windows\System32

4) Find the file "sethc.exe" (makes sure your folder and search options are set to show file extensions)

5) Take ownership of the file

--a. Right-click on "sethc.exe" and click "properties"
--b. Under "properties" click on the "security" tab.
--c. Under the "security" tab, click "advanced"
--d. Next, click on the tab that says "owner" and click "edit"
--e. Find your username in the list, and select it.
--f. Click "apply" and close the file's properties
--g. Re-open the file's properties (right-click, properties) and navigate to the "security" tab
--h. Click "edit", click "add", click "advanced", click "find now"
--i. find your username (if you're not sure which one, just select all of them
--j. under the permissions, select "full control" and click "apply" (if prompted, click "yes")

Now you should have ownership of the file.
6) Create a backup of the file (name it "sethc.backup") (if prompted, click "ok" or "yes")

7) Find the file "cmd.exe"

8) Create a duplicate of the file (copy/paste into the same folder.. simply click on the file and do "ctrl+c, ctrl+v)

9) Rename the "cmd-copy.exe" to be "sethc.exe"

10) eject the hard drive from your USB and put it back into the computer you got it from

11) start up the computer. when you get to the login screen, hit the shift key 5 times (like you would to do "sticky keys").. this should bring up the command prompt. You must do this at the login screen.

12) Type "net user" and hit ENTER.. this will bring up a list of users. Find the username of the employee who is using the computer. Write it down. For the sake of this example, suppose the user account is named "kbronski". REMEMBER THIS IS JUST FOR THE EXAMPLE.

13) type "net localgroup Administrators" and hit ENTER. This will bring up a list of system administrators. Find one administrator account, and write the username down. For the sake of this example, suppose the administrator account is named "sysadmin". REMEMBER THIS IS JUST FOR THE EXAMPLE.

Now you have two options..

OPTION 1

14) type "net localgroup Administrators /add kbronski" and hit ENTER. This will add the user as an administrator.

OPTION B

14) type "net user sysadmin /newpassword" (where it says "newpassord" simply enter a desired password) and hit ENTER. This will change the password for the administrator account.

-----

15) login (either the user, who is now an admin, or the administrator account whose password you changed)

16) go to town and install whatever you need to.


=====


Disclaimer: this should not damage the functionality of the system on the drive, so don't worry about that. In order to ensure that your employee will not tamper with anything, you will want to remove the user from the administrator group when you are done (if you had added them) by opening the CMD and typing "net localgroup Administrators /remove kbronski".
Also, you will want to go into C:\Windows\System32 and remove the newly created "sethc.exe" and restore the original (change "sethc.backup" to "sethc.exe") or keep it the way it is for future maintenance. I keep mine like this in case I get locked out.
If functionality is damaged, however, I cannot be held liable. If you're unsure about what you're doing, ASK. If you're still unsure, don't do it.
 

My Computer My Computer

At a glance

Windows 7 Pro x64Intel Core i7-5820k32GB Kingston HyperX FURY DDR4-2400EVGA Geforce GTX970
Computer type
PC/Desktop
Computer Manufacturer/Model Number
Custom
OS
Windows 7 Pro x64
CPU
Intel Core i7-5820k
Motherboard
ASUS X99-PRO
Memory
32GB Kingston HyperX FURY DDR4-2400
Graphics Card(s)
EVGA Geforce GTX970
Monitor(s) Displays
ASUS VC239h
Screen Resolution
1920x1080
Hard Drives
Samsung 850 EVO SSD 250GB x2
750 GB HDD
3TB HDD
PSU
Corsair RM750
Case
Fractal Design Define R5
Cooling
Noctua NH-D15
Keyboard
Corsair Strafe RGB
Mouse
Logitech G502
If the box has been added to a domain, then by default in the local administrators group on the Windows 7 PC, the domain admins group should be listed. Thus, anybody with domain admin rights on the network, should in effect be able to log into this machine.

I can log into the machine through my domain account but not with admin rights and thus I can not install software or change settings on the PC.
 

My Computer My Computer

At a glance

Windows 7
OS
Windows 7
Leave the domain (you may need a domain administrator to do that, since a standard user cannot join or leave a domain) and reboot. You should then have access to your local machine admin account.
 

My Computer My Computer

At a glance

Windows 7 Ultimate x64 SP1Core i7-2670QM8GB DDR3 PC3-10600Intel HD Graphics 3000 + GeForce GT 540M
Computer Manufacturer/Model Number
Dell XPS 15 L502x
OS
Windows 7 Ultimate x64 SP1
CPU
Core i7-2670QM
Memory
8GB DDR3 PC3-10600
Graphics Card(s)
Intel HD Graphics 3000 + GeForce GT 540M
Screen Resolution
1920x1080
Hard Drives
1TB 5400RPM Seagate
I'll give that a try. I mean, I suspected that was the case BUT if I disconnect from the domain AND it doesn't work then no domain + locked out admin account = SOL! But I don't really have a choice. Going to give it a go. Thanks.
 

My Computer My Computer

At a glance

Windows 7
OS
Windows 7
I add and remove computers from domains all the time. There's no loss of data, no problems, no issues at all. You just have an admin add you to the domain, and remove you if needed. Domain policy blocks the local admin account, so that's why you couldn't access it.
 

My Computer My Computer

At a glance

Windows 7 Ultimate x64 SP1Core i7-2670QM8GB DDR3 PC3-10600Intel HD Graphics 3000 + GeForce GT 540M
Computer Manufacturer/Model Number
Dell XPS 15 L502x
OS
Windows 7 Ultimate x64 SP1
CPU
Core i7-2670QM
Memory
8GB DDR3 PC3-10600
Graphics Card(s)
Intel HD Graphics 3000 + GeForce GT 540M
Screen Resolution
1920x1080
Hard Drives
1TB 5400RPM Seagate
I can log into the machine through my domain account but not with admin rights and thus I can not install software or change settings on the PC.
Then you are not a member of the domain admins group which would have been added to the local administrators group. That's why you need a domain admin to login, then you can use that account to add whatever user you want to the local admins group directly on the machine. A user who is in the local admins group will have the ability to install software and make changes on the PC.
 

My Computer My Computer

At a glance

Windows 7 Ultimate x64Intel Q9550 2.83Ghz OC'd to 3.40Ghz8GB G.Skill PI DDR2-800, 4-4-4-12 timingsEVGA 1280MB Nvidia GeForce GTX570
Computer Manufacturer/Model Number
Self-Built in July 2009
OS
Windows 7 Ultimate x64
CPU
Intel Q9550 2.83Ghz OC'd to 3.40Ghz
Motherboard
Gigabyte GA-EP45-UD3R rev. 1.1, F12 BIOS
Memory
8GB G.Skill PI DDR2-800, 4-4-4-12 timings
Graphics Card(s)
EVGA 1280MB Nvidia GeForce GTX570
Sound Card
Realtek ALC899A 8 channel onboard audio
Monitor(s) Displays
23" Acer x233H
Screen Resolution
1920x1080
Hard Drives
Intel X25-M 80GB Gen 2 SSD
Western Digital 1TB Caviar Black, 32MB cache. WD1001FALS
PSU
Corsair 620HX modular
Case
Antec P182
Cooling
stock
Keyboard
ABS M1 Mechanical
Mouse
Logitech G9 Laser Mouse
Internet Speed
15/2 cable modem
Other Info
Windows and Linux enthusiast. Logitech G35 Headset.
Back
Top