Jump to content

Almost Locked out - help


Lab Tech

Recommended Posts

The system is encrypted,and I can get through the passworded boot challenge, load the encryption driver and start the OS,  but I've locked myself out of XP.  Thinking it would be nice to use the WORKGROUP feature, I used the wizard and rebooted - now my password is not working.  The reboot also took care of the latest MS hot fixes.  Either one may have caused the problem.

I can successfully use my ID and password on the pre-boot challenge from the encryption software (PC Guardian, aka Guardian Edge, or Encryption Plus) and it responds as expected by "loading driver".  The system seems to boot normally, but the previous password doesn't log me in.  I've tried my old passwords. 

Of course boot CDs don't help - they don't load the disk driver from the boot sector, so the disk is still encrypted. 

If I read the forum correctly, if I am not logged in, am I out of luck?

Link to comment
Share on other sites

Did you set it up for a domain login? is it trying to log on to a remote server by any chance and since it cant authenticate, it cant login? Just guessing...

Link to comment
Share on other sites

When I used it one contract job, they had me install the encryption software and use LDAP to login. It was mandatory and I thought it a good idea... at the time. It's not my work PC anymore, do I just login locally.

When my kids where young and reckless, I set all my systems with passwords and screen timeouts. So yes, I have passwords set.

I normally drug it to work and back and never thought a share folder was a good idea. File Sharing, might be default, but this system was not part of a workgroup. I didn't think it would be an issue - I've activated workgroups on on other boxes in my home - so every box can see at least one folder. 

I'd allowed a few hotfixes to install days before but ignored the "reboot required' figuring I'd eventually reboot. When I did, everything went normally until I typed in my ID and password.

All that to say this, I can't log in, short of a miracle. Is there a solution? Boot CDs can't read the encrypted disk. Can I force or recover the existing password through a USB program?

Link to comment
Share on other sites

If you're sure of the password there's going to be a way to de-encrypt the disk/volume if you need the data back wait 'till monday and call the support number, or the sales number and get transfered.  If not delete it and start over, it might just be faster. 

Are there any other accounts on the computer?  Administrator/Guest?

Link to comment
Share on other sites

By "activating workgroups" do you mean you remove the laptop from a Windows domain?

Sorry, I'm not sure what you mean. A workgroup is Microsoft's terminology for a localized peer-to-peer PC computer network. I think workgroup and domain, in this context, are roughly equivalent. The system was configured to participate in my local "windows workgroup"

Is there a way to access the system upstream from the workgroup?

Link to comment
Share on other sites

I dont understand how you enabled the workgroup for windows networking if you cant log in to XP? LDAP and the Microsoft Networking for Workgroups are two different things, but the encryption software they had you put on there might be what is preventing you from being able to make changes or login. Doesnt seem like there is enough information to work from with what you told us.

Its YOUR pc, right? Its YOUR install of XP, plus the software your client had you put on there.

When I used it one contract job, they had me install the encryption software and use LDAP to login.

You use LDAP to login top what? Windows, or just the remote connection? How often was it used after that contract job? Did windows work normally when not connected to the clients network?

One of a few things:

1 either your account got foo bared via malware, or virii and took over your pc,

2 your setup requires you to authenticate via encrypted login and then ldap connection to a domain controller,

or 3, there is some other step, process, thing you left out, like, its not your machine and your not telling us the full story.

Hotfixes dont set or change your passwords. Turing on windows file sharing and creating a workgroup do not effect pc logons. Changing how you logon to the pc, like pointing to a domain controller, will have issues if it cant connect to the domain to authenticate, but there are usually cached logins for up to a set number of attempts, but after that, it eventually blocks access if it cant login to the domain after whateve the set number is. It can even be set to not cache the passwords for domain logins. Unless you set this, or it was already set, I dont think this is what happened. I still dont understand how you managed to lock yourself out of XP if its your machine and it wasnt tampered with in some way, or wasnt configured to authenticate remotely.

Otherwise, format the disk and start over with a fresh install.

Link to comment
Share on other sites

As Sparda posted the pic, and Vako mentioned, this is what I meant if you were previously part of a domain and changed it somehow.

On another note, have you tried starting in safe mode? Recovery console? (If its even possible any more with the encryption software taking priority now)

Link to comment
Share on other sites

If you have done this, you need to use something like Active Password Changer (which you can get for free as part of Hirens boot CD, mostly warez so its torrent only) to reset the administrator password, gain access to the local machine via safe mode and create a normal local account with full administrator access. This will also work to gain local access to a machine that is part of a Active Directory domain.

Link to comment
Share on other sites

I dont understand how you enabled the workgroup for windows networking if you cant log in to XP? LDAP and the Microsoft Networking for Workgroups are two different things,

When I enabled workgroups I was logged in, it required a reboot. LDAP and the Microsoft Networking for Workgroups are two different things, you are correct and they do not conflict.

2 your setup requires you to authenticate via encrypted login and then ldap connection to a domain controller,

or 3, there is some other step, process, thing you left out, like, its not your machine and your not telling us the full story.

I can log in with or without Ldap, well at least I could before this incident. On comment on "its not your machine"; had I lifted a laptop I wouldn't go through this much trouble and frustration to reclaim the data. It just not worth it, when you can reformat and actually use the computer. Coming to a public forum would be a lot of exposure for a thief. I suspect a lot of folks come to this site because they've almost given up on reclaiming their lost digital photos, resumes, and trick spreadsheets, hoping this port of last resort might illuminate them to an option.

If your machine was part of a domain, and you degraded to a workgroup then your logins will no longer work.

I can select the domain or a local login. That is how I could work on the Ldap network and in turn work from home.

Did you change any thing on this menu?

width=327 height=384http://sparda.hopto.org/hak5/domain.png[/img]

No changes, I've watched others hose themselves doing just that. It was messy, and I didn't want that to happen to my system.

On another note, have you tried starting in safe mode? Recovery console? (If its even possible any more with the encryption software taking priority now)

Safe mode is a good idea, I haven't tried it yet since it is the same login, but it's worth a shot, thanks.

If you have done this, you need to use something like Active Password Changer (which you can get for free as part of Hirens boot CD, mostly warez so its torrent only) to reset the administrator password, gain access to the local machine via safe mode and create a normal local account with full administrator access. This will also work to gain local access to a machine that is part of a Active Directory domain.

I'll give it workout, thanks. The trick is finding the driver. The initial challenge loads it for me, so it must be locked up in the boot record. 

Link to comment
Share on other sites

When you say you could switch between logging into the machine using an LDAP account or a normal local login, I'm guessing the option to do that is no longer there? You weren't using a Novell system at all? From what it sounds like, you have dsiabled/removed the domain login stuff from the machine, which is going to be an issue tbh.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...