Hello
I had Admin Local account, few days ago my pc joined an active directory with limited functions. AD admin also disabled my local account, so when i try to login to local account i get " your account is disabled" .
now i want to enable the local account again,
I dont have AD admin PW,
I cant edit group polices.
when I go to safe mode I cant see any other accounts to login except my AD account.
So I tried to edit SAM file through WinRe:
I found out I can access local account through winre>regedit no access is denied will occur.
I load hex dive and edited the SAM file:
HKEY_LOCAL_MACHINE\REPAIR\SAM\Domains\Account\Users\000001F4
The value of 0038 hex was 10 so I didnt change anything.
under user name I saw default account so I guess default account means my AD account. I tried to give admin privileges to default account.
so I changed hex value from 15 to 10 and saved it. after restart I saw no changes. so I got back to winre and loaded sam file again to see if my changes were saved or not ? it was saved so I didnt need to change anything.
but I noticed one thing. the value under HKEY_LOCAL_MACHINE\SAM\ wont update to my modified SAM file i created in System32/config. Why is that? it is supposed to read SAM file from System32/config right?
why I can not see built-in Admin account in safe mode?
any idea how can i enable local account again?
thank you
I had Admin Local account, few days ago my pc joined an active directory with limited functions. AD admin also disabled my local account, so when i try to login to local account i get " your account is disabled" .
now i want to enable the local account again,
I dont have AD admin PW,
I cant edit group polices.
when I go to safe mode I cant see any other accounts to login except my AD account.
So I tried to edit SAM file through WinRe:
I found out I can access local account through winre>regedit no access is denied will occur.
I load hex dive and edited the SAM file:
HKEY_LOCAL_MACHINE\REPAIR\SAM\Domains\Account\Users\000001F4
The value of 0038 hex was 10 so I didnt change anything.
under user name I saw default account so I guess default account means my AD account. I tried to give admin privileges to default account.
so I changed hex value from 15 to 10 and saved it. after restart I saw no changes. so I got back to winre and loaded sam file again to see if my changes were saved or not ? it was saved so I didnt need to change anything.
but I noticed one thing. the value under HKEY_LOCAL_MACHINE\SAM\ wont update to my modified SAM file i created in System32/config. Why is that? it is supposed to read SAM file from System32/config right?
why I can not see built-in Admin account in safe mode?
any idea how can i enable local account again?
thank you
Facebook
Twitter
Instagram