One of my customers got hacked big time: Hotmail (where it probably started), Facebook, Instagram, Snapchat. She couldn't log on to her computer anymore, since her password on her Microsoft account has been changed by the hacker.
I enabled the Administrator account, and gained access to the data.
Now I am looking for a way to unlink the local user account from Microsoft, so I can log in to her own account.
I have access to her files, but not to her account.
Is there any way to unlink a local account without being logged on?
I found a solution, or rather, a workaround:
I booted the computer from a Windows USB-stick, chose "Repair", "Advanced" and then "Command Prompt"
I changed drive and directory to the System32 folder on the volume Windows was installed
I renamed utilman.exe to utilman_old.exe and copied cmd.exe to utilman.exe
I restarted the computer normally with boot from harddisk/ssd.
At the logon screen, I clicked the button for Accessibility Options, which normally invokes utilman.exe. However, utilman.exe is now a copy of cmd.exe, so an ELEVATED command prompt is started
I wrote the line "net users administrator active=yes"
I rebooted the computer, and at login, I chose the Administrator account that was located at the bottom left of the login screen
I downloaded ProfileWizard from https://www.forensit.com/downloads.html, installed it an ran it
I selected the profile, that was linked to the Microsoft account, and clicked Next
I opened an elevated Command Prompt, and wrote "net users tempuser /add"
I went back to Profile Wizard, and wrote "tempuser", and clicked "Next"
At finish, the current administrator user was logged of, and logged on again. I logged administrator off, and logged on as "tempuser". I then had full access to the account that was linked to a Microsoft account, but now as a local account.
Related
I Installed SQL Server Express on my work PC, and had it up and running at the time of installation.
But I guess after a restart of PC, the Windows Service "SQL Server (SQLEXPRESS)" can no longer be started.
I have my normal user, and an Admin-User for my PC.
When I open services.msc with my normal user I see the service, but all functionality is greyed out.
When I open services.msc with my admin user, the service is not there.
In my years of working with windows services, I've never experienced a "missing" service from services.msc before.
I've looked in registry here: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services
With both my normal and admin user I see these services:
SQLAgent$SQLEXPRESS
SQLBrowser
SQLTELEMETRY$SQLEXPRESS
But not this: "MSSQL$SQLEXPRESS"
Installation:
I don't remember in detail, but I'm pretty sure I just double clicked the installation launcher, and gave my admin-user when prompted for admin permissions.
Do you have any idea what is going on ?
Running into a strange issue with a Windows 7 image. Three years ago, I wrote a Powershell script which took a basic Windows 7 image (with only the Administrator account on it) and the script adds all the user accounts, applications, programs, regedits, et al. Used sysprep to complete the image so it could be cloned using Clonezilla onto several hundred computers and go out to different sites, as well as create replacement PCs down the line.
Those original PCs we used ran out and we got a different line of PCs from the same maker, again with a Windows 7 operating system and just an Administrator account. Found out this time the person who created that basic image for me did not put a password on the Administrator account as they did the first time, so it was automatically logging on for me. Added a password to the Administrator account so it wouldn't auto-login.
Ran my script after making some edits to bring applications up to date. Now after rebooting, it not only tries to Auto logon (despite everything I've checked to make sure Auto logon was disabled), but when you click OK to get past the Auto login error, it only shows the Administrator account instead of showing Administrator along with the other two account icons. You then have to click "Switch user" and it will show only "Administrator" and "other user". You have to click on "other user" and input your account name and password.
How do I get it back to showing me all three account icons - Administrator plus my other two user accounts - after a reboot?
PS - these images were loaded onto the PCs by a person from another dept. Same person three years ago as currently.
I finally discovered from a worker in another dept that Microsoft changed Windows 7 so that the last user logged in is the icon that is shown after logging off or rebooting. Love how Microsoft always "fixes" things that don't need fixing.
We're developing a Microsoft Office Add-in and encounter issues switching from editing a document on Office Online to Edit in Word. Even without the add-in, the issue can be reproduced.
The user which is a registered Microsoft Outlook account has access to a shared directory (folder) on a Sharepoint site. Edit: Opening a file on the users own OneDrive works.
results in a prompt from the Office for Mac to ask the user to sign-in.
After the sign-in, Office for Mac shows a dialog saying user does not have access privileges message in Word on Mac.
The user which is a registered Microsoft Outlook account has access to a shared directory (folder) on a Sharepoint site. The user is registered as an external user (through invitation which has been accepted) on an Azure Active Directory and is part of a user group on this Active Directory which can edit the folder. The user has access to the directory via the group permission, not directly.
Browsing the folder via https://[app].sharepoint.com/sites/pub/Shared%20Documents/[SharedDirectory] as the user works. Documents can be opened and edited on Microsoft Online. Switching from Online edition to Edit in Word or Edit in Excel fails after signing-in with the user.
The very same user is already signed-in to Microsoft Office for Mac and should actually not be prompted again to authenticate.
From the moment of signing-in, Word and Excel behave different.
Word shows a dialog saying Word cannot open the document: user does not have access privileges.
Excel keeps prompting the user to sign-in.
On Windows 10, Edit in Word/Excel works. If the user is not signed-in to Microsoft Office for Windows yet, a prompt appears similar to the Office for Mac, asking the user to sign in. After the sign-in, the user is signed-in Office for Windows, the document opens and can be edited and saved.
Is there a way to ensure that shared documents can be edited through Office for Mac?
The Mac version used is 15.37 (170815)
The described behavior could be verified by the Microsoft Support team. I created a post in UserVoice and encourage everyone with the same issue to upvote for it and get notified about changes through that:
https://office365.uservoice.com/forums/264636-general/suggestions/31387858-enable-viewing-and-editing-of-shared-documents-on
I came across an issue that I'm not entirely sure it is even possible.
I want to start a process (chrome browser for ex.) on a user desktop using a system level command prompt or powershell.
I tried many imitations such as runAs and -Credentials but they only open the process in the background "as" the user, not on the user's desktop. I want to actually RDP to the user's profile and see the browser open.
I'm aware there are risks of using system. This question is mostly on how to start a process on a specific user desktop rather than just appearing on task manager.
Edit to clarify the issue:
I'm using windows server which has several of users, all of them are users that i have their name and password.
On that server, i have a process running under SYSTEM which i need it to open a process with a UI (a browser for ex.) in one of the other users's desktop.
The user's session is open and runnign and i can RDP/VNC/SSH/whatever to it and open whatever i want but that is not what i need. I want to RDP to that user after the browser was opened and see that it is already opened.
I want to use a Application on Windows 7 without Admin priviliges.
(Sure for the install process i used Admin priviliges)
Now i had following problem:
When i want to start the application the UAC popup ask for an Admin Account to run the program. But the User had no Admin account and can only click "No" so the Application is closed.
Is it possible to use this application with the rights from the current user and deactivate the UAC prompt?
On Win XP, only popup a error message that the application had no admin priviliges.
But by selecting "Ok" the application is starting and working.
You need to create and embed a manifest into your application. This tells the operating system that your program was written to be compatible with the UAC built into Windows Vista (and later), and therefore does not need to be run as Administrator. Set the requested execution level to asInvoker.
See this article on MSDN for more details.
There's also a helpful, though somewhat more general, article that appeared in the MSDN Magazine regarding UAC: Teach Your Apps To Play Nicely With Windows Vista User Account Control