0

I have an HP Pavilion 570 Desktop PC running Windows 10 with a UEFI BIOS and GPT partition. The computer is part of a domain.

History: We had our AD directory box keel over, so we had to replace it. I now get a trust issue on the computer, when attempting to log in. The solution is to log into the box, remove from the domain, delete the computer from the Active Directory Users and Computers, add back to the domain, and then test the login.

The key is to be able to log into a local administrator account account (not necessarily Administrator, but one with Administrator rights) and then perform the domain to workstation to domain tasks.

The problem is that I cannot log into the workstation using any domain user account (trust domain issue). That is normal for Microsoft. That is not a problem, but that the built-in Administrator account is disabled is the problem.

I have a license for Renee PassNow Pro, which is an awesome utility. You create a USB disk or a CD (I chose USB), and then you boot off of it. The app allows you to clear the password for any account and enable any account. The software works major awesomeness with any BIOS/MBR system (older computers), not so great with UEFI/GPT systems.

Their support team and product states

  1. Disable secure boot (should have added enable legacy boot)
  2. Enable Launch CSM (CSM: Compatibility Support Module for UEFI firmware)

Yeah, there is no such thing as CSM anything anywhere in the BIOS boot menu or the UEFI BIOS area, nothing / nada /zilch.

I can boot off of my USB stick (half the battle), but I do not see the Windows disk (the current problem).

I could care less about PassNow Pro. I am not wedded to it, so my question is not related to them. My question is now to solve the problem. I need to enable the built-in Administrator account and then reset the password. I am open to another utility, a Mark Russinovich (he is the guru at Microsoft who started sysinternals and founded the concept of a ponytail for real driver geeks), or an incantation (think Once Upon a Time or Harry Potter), whatever works. I do not have a wand, so...

How do I enable / reset passwords for built-in accounts on UEFI/GPT systems?

Thoughts?

UPDATE:

The recommended equivalent post, admin, was a nice try. I tried it. Sadly, step 7 after entering REM_SAM, resulted in a permission denied file is in use error. That took care of that. I was not able to get into safe mode, so that took care of the second answer.

Sarah Weinberger
  • 759

2 Answers2

1

How do I enable / reset passwords for built-in accounts on UEFI/GPT systems?

  1. Boot any UEFI-compatible Linux system.
  2. Install the "ntfs-3g" and "chntpw" packages.
  3. Mount the Windows volume using ntfs-3g.
  4. Use chntpw to unlock accounts and/or zero out passwords. (Wouldn't recommend using it to promote non-admin users though.)

chntpw is the same tool as found in the popular ntpasswd "Offline NT Password and Registry Editor".

grawity
  • 501,077
0

I found a tool long ago. Some call it a rescue CD. It boots and handles UEFI and GPT. It also includes the Offline NT Password and Registry Editor mentioned above. It also includes many other neat utilities. Offline NT Password and Registry Editor".

https://toolslib.net/downloads/viewdownload/255-winpese-x64/

Ziggy32
  • 111