Local admin accounts all locked out after losing trust-domain relationship


I have a Dell Latitude E5530 with an Intel Core i7 / 4 GB of RAM running Windows 7 x64.

The laptop is encrypted via TrueCrypt, which I have the pre-boot authorization password for, so that is not the problem. The problem is when I try to log in to any of the local accounts - it states that the user name and passwords are incorrect for the two local administrator accounts, which I know is not the case.

I am also not able to log in to any network account as the laptop lost domain trust relationship. So, you can see my frustration as I am unable to log in locally to remove the laptop from the domain and re-add it so that it is trusted again, and I am also unable to use a password reset disk to clear and reset the local admin passwords because the disk is encrypted with TrueCrypt and I am unable to boot a password reset disk after booting past TrueCrypt.

I think I have tried about everything I can think of (recovery disks, adding another local user in CMD, etc.) and I'm pretty much at wit's end. I really don't want to start over from scratch on it because the software installed on it took forever to get working and may never work on here again.

I'm not really asking for a way to crack the passwords or anything like that, I'm just trying to figure out if there is a way for me to get back into this computer. Any ideas would be greatly and immensely appreciated. Thank you!

John Cornwell

Posted 2017-09-06T14:12:38.310

Reputation: 21

If you are unable to enable the built-in Administrator, and you have no other local Administrator account you can use, then there isn't a fix for your situation. Have you attempted to add the machine back to the domain from the DC? – Ramhound – 2017-09-06T14:14:53.363

I have disabled (have not deleted and re-created) the computer account in AD and re-enabled it with no luck. – John Cornwell – 2017-09-06T14:21:52.013

Can you run netdom reset /d:domain computername on another domain computer? This should reset the trust relationship. – Confuzing – 2017-09-06T14:30:26.513

Oh forgot, you need Active Directory Domain Services Tools installed on the computer you are running this from. – Confuzing – 2017-09-06T14:32:03.973

@JohnCornwell - How about the built-in Administrator account? The solution is to decrypt the HDD in order to be able to enable the built-in Administrator so you can install the appropriate tools to add the machine back to the domain. – Ramhound – 2017-09-06T14:34:22.867

It ran and returned: "The trust relationship between this workstation and the primary domain failed." – John Cornwell – 2017-09-06T14:34:29.500

@Ramhound - I had enabled the built-in admin account in command line from Windows repair that I was able to get into immediately after the pre-boot unlock of TrueCrypt. Tells me password and user name are incorrect. – John Cornwell – 2017-09-06T14:35:28.103

Have you reset the password to that account? It is very possible you simply have a corrupt installation of Windows, hence the reason you're unable to log into your local accounts. – Ramhound – 2017-09-06T14:37:05.000

@ramhound - When I activated that account I did not set a password. – John Cornwell – 2017-09-06T14:39:11.737

Yes, I kind of figured that. You are sure you logged into the local machine and didn't attempt to log into a domain account simply named Administrator, right? – Ramhound – 2017-09-06T14:49:13.913

I am 100% sure it is the local administrator and just tried again to make that 110%. On a separate note: I also just went into Attribute Editor in AD and changed a few attributes to match another machine that is working, and it now seems that the DNS name is being picked up, but I'm still unable to log into a network account. – John Cornwell – 2017-09-06T15:06:07.040

@ramhound - It seems that completely deleting the computer from AD and re-adding it, and then going through the attributes and reflecting any DNS information for the offending computer in AD, has resolved the issue. I am now able to log in over the domain and reset all account passwords. Thank you for your help! – John Cornwell – 2017-09-06T15:29:29.023

Rather than editing "issue resolved", ONE of you should write an answer, and that should be selected as the correct one ;) – Journeyman Geek – 2017-09-06T15:34:02.630

I'm voting to close this question as off-topic because the machine needed to be removed then added to the domain again for it to work and the problem has been resolved. – Ramhound – 2017-09-06T15:55:03.923

A potential workaround is to disconnect the PC from the network, and attempt to log in as a user who's successfully logged onto the PC in the past. It maintains a cache of credentials in the case of network disconnects. Then, you can work in that user to fix the domain issue. – Christopher Hostage – 2017-09-06T16:10:34.430
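The checks behind the two comments above (Confuzing's netdom reset and the computer-account attributes the asker ended up editing), as an added example that is not code from this thread. It assumes a working, domain-joined admin workstation with RSAT installed (the ActiveDirectory module and netdom.exe), run as a domain admin; the computer and domain names are placeholders.

```powershell
# Added example, not from the thread. Run on a healthy domain-joined machine with
# RSAT, not on the locked-out laptop. Names are placeholders.
param(
    [string]$Computer = 'LAPTOP-PLACEHOLDER',   # assumed name of the broken machine
    [string]$Domain   = 'corp.example'          # assumed AD DNS domain name
)
Import-Module ActiveDirectory

# 1. Inspect the computer object. A disabled account, a missing/wrong DNSHostName
#    (what the asker fixed in Attribute Editor) or a machine password that has not
#    rotated in months are the usual reasons the secure channel fails.
$acct = Get-ADComputer -Identity $Computer -Properties Enabled, DNSHostName, PasswordLastSet
$acct | Format-List Name, Enabled, DNSHostName, PasswordLastSet

if (-not $acct.Enabled) {
    Write-Warning "$Computer is disabled in AD; enable it before resetting the trust."
}
$expectedFqdn = "$Computer.$Domain"
if ($acct.DNSHostName -ne $expectedFqdn) {
    Write-Warning "DNSHostName is '$($acct.DNSHostName)', expected '$expectedFqdn'."
}

# 2. Ask the domain whether the secure channel to this computer is still valid.
#    netdom returns exit code 0 when the trust is fine; then nothing else is needed.
netdom verify $Computer /domain:$Domain
if ($LASTEXITCODE -eq 0) {
    Write-Output "Secure channel for $Computer is healthy."
    return
}

# 3. Reset the machine account password on both the DC and the workstation
#    (the same operation Confuzing's comment suggests). This is the step that
#    reported 'The trust relationship ... failed' for the asker: netdom has to
#    reach the workstation itself, so it cannot help when no account can
#    authenticate there, and the remaining fix is re-joining the domain.
netdom reset $Computer /domain:$Domain
if ($LASTEXITCODE -ne 0) {
    Write-Warning "netdom reset failed (exit $LASTEXITCODE); re-join the machine to the domain."
}
```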

Do not change your title or question if you have solved it yourself; that does not mark it as solved in the UI. Instead, add the answer to the big “Your Answer” box below, then revert your changes to the question and title. After a day or so you can accept your own answer. – Dour High Arch – 2017-09-11T00:33:45.537

I did a rollback, so your question doesn't contain the answer now. You can mark the question as resolved by accepting your own answer. – Kamil Maciorowski – 2017-09-21T12:33:46.517

Answers


It seems that completely deleting the computer from AD and re-adding it, and then going through the attributes and reflecting any DNS information for the offending computer in AD, has resolved the issue. I am now able to log in over the domain and reset all account passwords.

John Cornwell

Posted 2017-09-06T14:12:38.310

Reputation: 21