Gaining Access to A Windows Computer when you don’t know the Password

Written by James McDonald

April 13, 2016

“The trust relationship with this workstation and the primary domain has failed”

This error message isn’t a big problem when you still have the local computers administrative usernames and login passwords.

You just change your login details from

DOMAINNAME\Administrator

to

COMPUTERNAME\Administrator

enter you password, remove the computer from the domain by adding it to a workgroup, reboot, re-add it to the DOMAIN and then the trust relationship is rebuilt and you can then use your DOMAINNAME\username credentials again.

But what do you do if you haven’t got a set of administrative local credentials?

You need to somehow break into the computer and to do this you can use this:- http://ntpasswd.com/ download either a USB or CD/DVD iso zip and then follow the instructions.

The only downside to this is you have to have physical access to the machine.

But I have just found that an onsite non-IT person can do all the steps needed to enable the account and clear the password of the local Administrator without too much difficulty.

3 Comments

  1. Johanna

    It’s just a matter of finding that “right” non-IT person to follow the steps provided.

    Reply
    • Mark O'Loughlin

      You don’t need a local username and password in this situation. You simply unplug the network cable and login with the last know domain username and password. The PC cannot see the domain control, so the broken trust relationship has no effect, it just logs in.

      Then you remove it from the domain, reboot, plug the network cable back in, then re-add it to the domain.

      Much easier than diving for the NT Password disk (which is still very handy to have, for other reasons).

      Reply
      • James

        I agree…. But I was a thousand km’s from the PC and it had been offline for upwards of a year so I couldn’t remember what my locally cached domain password was… and didn’t want to share the several possibilities with the person onsite who could unplug the LAN and physically enter the password. Hence using NTPasswd…

        Reply

Submit a Comment

Your email address will not be published. Required fields are marked *

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

The reCAPTCHA verification period has expired. Please reload the page.

You May Also Like…

Squarespace Image Export

To gain continued access to your Squarespace website images after cancelling your subscription you have several...

MySQL 8.x GRANT ALL STATEMENT

-- CREATE CREATE USER 'tgnrestoreuser'@'localhost' IDENTIFIED BY 'AppleSauceLoveBird2024'; GRANT ALL PRIVILEGES ON...

Exetel Opt-Out of CGNAT

If your port forwards and inbound and/or outbound site-to-site VPN's have failed when switching to Exetel due to their...