Background information: my department decided to limit the use of local administrator accounts on our systems, so a few of us had special ‘Enterprise Admin’ accounts created for them, to use whenever Windows 7 requests elevation. However, the admin rights did not propagate to my own EA account for one reason or the other. I was told to remove the computer from the domain and re-join. Easy, right?
Where angels fear to tread, fools rush in. I happily removed my computer from the domain and restarted Windows 7. When the computer came back up, I couldn’t login with my domain user account – which was not surprising. However, I could not log in with the local admin account either! I had reset the password like 6 months ago and forgotten about it. Now I couldn’t log in to the computer, and no one could help me remotely. I started to panic.
A quick google revealed this trick about exploiting the sticky keys application to get a (full admin) command prompt at the login screen. And the whole thing took less than 5 minutes! I also learned from this site that you can unlock an account which is locked out or disabled using the command:
net user NameOfLocalUser /active:yes
Saved my skin, because the only other way out would have been to backup my files and the reinstall Windows7. Lessons learned: Always make sure you know the local admin password before you start messing around with user accounts.