Sponsor

2006/05/01

Resource Edition

Labels: , , , ,

Subscribe to Windows IT Pro: http://list.windowsitpro.com/t?ctl=289CB:610453

To make sure that your copy of Security UPDATE isn't mistakenly blocked by antispam software, add Security_UPDATE@list.windowsitpro.com to your list of allowed senders and contacts.

This extra monthly edition of Security UPDATE lets you know about resources and events that can help you keep your security knowledge and skills up to date and keep your Windows and other systems secure.

====================

==== Security Q&A ==== by Randy Franklin Smith, rsmith@ultimatewindowssecurity.com

Q: I have a Windows 2000 machine that won't allow the user to log on. When we try to log on with a domain account, we see a message that the computer name isn't recognized by the domain. We don't know the local administrator's password, so we can't log on as the administrator. Is there a way to bypass the logon screen?

A: There's no way to bypass the logon screen native to Windows--even if you use the recovery console, you'll need the appropriate password. However, I can recommend two things to try. First, disconnect the computer from the network and attempt to log on with a domain account that has logged on in the past. Windows should use the cached credentials because the machine isn't on the network. After you're logged on, you can further diagnose the problem--you'll probably need to delete the computer's domain account and rejoin the computer to the domain. If logging on with cached credentials doesn't work, you'll have to take the more drastic measure of resetting the local administrator's password.

One way to reset the password is to boot up DOS with a floppy disk, load Sysinternals' free Ntfsdos utility (available at http://list.windowsitpro.com/t?ctl=289D0:610453 ), then delete the SAM file, which you'll typically find in C:\winnt\system32\config. After deleting the SAM file, reboot. Windows will replace the SAM file with a default SAM file that contains only Administrator and Guest. The Administrator password will be blank. Be aware that this method destroys any local users and guests as well as user-right assignments, account policy, and audit policy.

If you don't want to destroy the SAM, you can try using the Ntpasswd utility to reset the password. Ntpasswd, written by Peter Nordhal, is available at http://list.windowsitpro.com/t?ctl=289CE:610453 . When you boot with a floppy disk that contains Ntpasswd, it loads a small version of Linux, then a custom program displays Administrator and the local users in the SAM. After you select the desired user, Ntpasswd lets you enter a new password. Exit Ntpasswd, reboot, and you can log on as the user using the new password. These utilities usually work, but they use methods unsupported by Microsoft and should be used only as a last resort.

(This Security Q&A originally appeared in the Windows IT Security newsletter's Access Denied column.)

==== Security Resources ==== The following Security-related resources are brought to you by Windows IT Pro. For additional resources and information, visit http://list.windowsitpro.com/t?ctl=289D1:610453

Learn all you need to know about code signing technology, including the goals and benefits of code signing, how code signing works and the underlying cryptographic and security concepts and building blocks. http://list.windowsitpro.com/t?ctl=289CA:610453

Get the tips you need to prepare and comply with PCI-Data Security standards, including defining the 12 major requirements. http://list.windowsitpro.com/t?ctl=289C9:610453

Do You Know How "Compliance" Affects Your Company? Find out or what policies help or hurt in protecting your company's assets and data. http://list.windowsitpro.com/t?ctl=289C8:610453

====================

==== Contact Us ====

About the newsletter -- letters@windowsitpro.com About technical questions -- http://list.windowsitpro.com/t?ctl=289CF:610453 About product news -- products@windowsitpro.com About your subscription -- windowsitproupdate@windowsitpro.com About sponsoring Security UPDATE -- emedia_opps@windowsitpro.com

====================

This email newsletter is brought to you by Security Administrator, the leading publication for IT professionals securing the Windows enterprise from external intruders and controlling access for internal users. Subscribe today. http://list.windowsitpro.com/t?ctl=289CC:610453

Manage Your Account You are subscribed as news-and-stuff@arconati.us

You received this email message because you subscribed to the Security UPDATE newsletter on the Windows IT Pro Web site. To unsubscribe to Security UPDATE, click the link below. http://list.windowsitpro.com/u?id=28351AE7DCFB1F6CC38EE49EBFF45717

View the Windows IT Pro Privacy policy at http://list.windowsitpro.com/t?ctl=289CD:610453 Windows IT Pro is a division of Penton Media, Inc. 221 East 29th Street, Loveland, CO 80538, Attention: Customer Service Department Copyright 2006, Penton Media, Inc. All Rights Reserved.

@

No comments:

Post a Comment

Keep a civil tongue.

Subscribe to: Post Comments (Atom)

Label Cloud

Technology (1464) News (793) Military (646) Microsoft (542) Business (487) Software (394) Developer (382) Music (360) Books (357) Audio (316) Government (308) Security (300) Love (262) Apple (242) Storage (236) Dungeons and Dragons (228) Funny (209) Google (194) Cooking (187) Yahoo (186) Mobile (179) Adobe (177) Wishlist (159) AMD (155) Education (151) Drugs (145) Astrology (139) Local (137) Art (134) Investing (127) Shopping (124) Hardware (120) Movies (119) Sports (109) Neatorama (94) Blogger (93) Christian (67) Mozilla (61) Dictionary (59) Science (59) Entertainment (50) Jewelry (50) Pharmacy (50) Weather (48) Video Games (44) Television (36) VoIP (25) meta (23) Holidays (14)

Popular Posts