Monday, February 18, 2013

…and an alternative solution is confirmed

In the last post I mentioned the challenge encountered when a user set a local account password on their new Windows 8 system…and forgot it.

A factory re-image got us rolling, but in theory I should have been able to off-line boot the system with one of my WinPE USB sticks (had I had it on hand) and used a utility to blank out the password in the local user’s account.

Last night I wanted to confirm this would work.

So I booted by VMWare-hosted Windows 8 system and confirmed my local user-account did have a working account password on it.

I shut it down and tried to boot it by using one of my custom WinPE USB sticks.

Only VMWare doesn’t support booting from a physically attached USB drive.

So I had to boot from a Plop boot manager first.

Only that didn’t work too well as the VMWare BIOS booted so fast I couldn’t catch it to change my VMware boot order.

So I had to edit my Windows 8 .vmx file to increase the timeframe it allows during the BIOS boot process so I could select more options…such as boot from my mounted Plop ISO file.

That done, I was able to boot the VMWare image, select to boot from Plop, attach the bootable USB stick in VMWare, return to Plop and select the option to boot from USB, and voilà! my WinPE was running in VMware.

Once it settled down, I launched the latest version of NTPWEdit (v 0.4) released in Oct 2012 in both x32 and x64 bit versions and supports Win8.

I passed it to the SAM file location, it found my local account and I used it to blank the password.

I rebooted and let Windows 8 come up.

Sure enough, my password had been successfully removed!

I then went and restored it again.

All is well and some more confirmed techniques are filed away for future reference.


--Claus V.

No comments: