You should be able to modify that organically at boot with Windows 10: https://www.tenforums.com/tutorials/2969-enable-disable-elevated-administrator-account-windows-10-a.html#option5
-- Espi On Tue, Jul 18, 2017 at 8:52 PM, Kurt Buff <[email protected]> wrote: > Dang. Completely forgot about that. I'll have to see if I can gin that up. > > Kurt > > On Tue, Jul 18, 2017 at 6:21 PM, Robert Cato <[email protected]> > wrote: > > The local accout(s) is disabled. NT password reset CD-ROM to reset > password > > and enable the local accout. It's a Win10 "feature" > > > > > > On Tue, Jul 18, 2017 at 8:24 PM Kurt Buff <[email protected]> wrote: > >> > >> If nobody else comes up with a solution, that's the way I'll go. > >> > >> It's been a while since I've used it, but IIRC, it also enables the > >> account if it's disabled/locked out. > >> > >> Kurt > >> > >> On Tue, Jul 18, 2017 at 4:55 PM, Michael B. Smith < > [email protected]> > >> wrote: > >> > I would try the pnordahl solution. > >> > > >> > -----Original Message----- > >> > From: [email protected] > >> > [mailto:[email protected]] On Behalf Of Kurt Buff > >> > Sent: Tuesday, July 18, 2017 7:46 PM > >> > To: ntsysadm > >> > Subject: [NTSysADM] Boxed in on a Win10 VM > >> > > >> > All, > >> > > >> > A colleague stood up a Win10 VM that was a clone of an original > >> > domain-joined machine, running on a ESXi/vSphere 6.0 host. > >> > > >> > I noticed this, and decided to help out - the VM clone was not fully > >> > functional - it's trust relationship with the domain was broken. > >> > > >> > I was able to log in using cached credentials with administrative > >> > privileges, so I set the local administrator password to something we > know > >> > (we use LAPS here, so there's no telling what the most recent > administrator > >> > password was). > >> > > >> > I then changed the machine name and joined the VM to a workgroup at > the > >> > same time - something I've done probably hundreds of times over the > years > >> > with never a failure before now. > >> > > >> > After reboot, the login screen shows only the username of the last > >> > successful login (a domain account, not a local account, even though > it's > >> > not a member of the domain!). > >> > > >> > I cannot get it to switch to another account to log in, and since the > >> > only account available on the login screen is the domain account, and > it's > >> > not joined to the domain, I can't use that account's password to log > in. > >> > > >> > There are no backups, no restore points and no snapshots for this VM. > >> > > >> > I was able to boot into safe mode in the console, and start a command > >> > prompt - when it asked for the local Administrator account, that > worked, so > >> > I know the password is good. > >> > > >> > I've tried to RDP into the machine, and am refused, no matter which > >> > credentials I try. > >> > > >> > I even tried disconnecting the NIC for the VM to see if that would > shake > >> > loose some cached credentials, but no go, and it stubbornly refuses > to show > >> > me any other accounts to choose for login. > >> > > >> > I suppose I could do a reset, but I believe there's 3rd party software > >> > that was installed in the interim, so I'm a bit hesitant to do that. > >> > > >> > Anyone have thoughts on how to proceed? > >> > > >> > I'm about ready to boot with a Nordahl iso, and see if that helps, but > >> > if push comes to shove, I I'll re-clone the original, and try again, > and let > >> > the colleague know that he's lost any work done, but for the moment > this is > >> > an exercise in overcoming - something. > >> > > >> > Kurt > >> > > >> > > >> > >> > > > > >
