Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Can't logon to laptop after removed from company domain


  • Please log in to reply
5 replies to this topic

#1 NotionCommotion

NotionCommotion

  • Members
  • 59 posts
  • OFFLINE
  •  
  • Local time:01:45 AM

Posted 17 April 2014 - 11:14 AM

I tried to add my work laptop to a workgroup (see attached image from where I did it.  Note that this image was taken from my home PC where I am on a workgroup, and I just put a sample domain in the image).

 

Didn't ask for a password or anything.  When I rebooted, I could not log on.  Turns out I was removed from the company domain, and the username/password required to log on was that of the original individual who images the laptop.

 

IT tells me there is no way to add me back, and my only recourse is to reimage the laptop!

 

Is there any options?  The harddrive is encryped, however, I have obtained the encryeption key and could access it now from another PC.

 

Thanks!



BC AdBot (Login to Remove)

 


m

#2 SleepyDude

SleepyDude

  • Malware Response Team
  • 2,932 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Portugal
  • Local time:06:45 AM

Posted 17 April 2014 - 11:39 AM

Hi,

 

I'm not sure about the encryption part but Microsoft provides a set of tools to Volume Licensing clients called  Diagnostics and Recovery Toolkit (DaRT) it includes a tool to change the password for local accounts called LockSmith you need to have Administrator access to be able to rejoin the domain.

 

My understanding is that changing the password for a user this way will break the encryption (make documents unreadable) but it can be restored by using a backup of the encryption key for that user.


• Please do not PM me asking for support. Post on the forums instead it will increases the chances of getting help for your problem by one of us.
• Posts in the Malware section that are not replied to within 4 days will be closed. PM me or a moderator to reactivate.
• Please post your final results, good or bad. We like to know! Thank you!

 
Proud graduate of GeekU and member of UNITE
___
Rui

 
 


#3 Kilroy

Kilroy

  • BC Advisor
  • 3,279 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Launderdale, MN
  • Local time:12:45 AM

Posted 17 April 2014 - 12:22 PM

Back up your data and have the machine reimaged.  You'll spend more time and effort trying to get this working again than it will take to reimage.  There are many possible encryption methods and without knowing which method your company is using or how they are managing it I wouldn't guess your chances of being able to successfully rejoin the computer to the domain and still be able to read your data.  Use this as a lesson learned and don't join a work computer to your personal workgroup in the future.



#4 NotionCommotion

NotionCommotion
  • Topic Starter

  • Members
  • 59 posts
  • OFFLINE
  •  
  • Local time:01:45 AM

Posted 17 April 2014 - 02:52 PM

Use this as a lesson learned and don't join a work computer to your personal workgroup in the future.

 

Ha ha, your funny!  No, I will NEVER forget.

 

To backup the data, I need access to the hard drive which was encrypted using bitlocker.  I gave them the key identifier for both my C: and D: drive, and they gave me the recovery keys for each.

 

When viewing the hard drive as an external hard drive on my home PC, both C: and D: have a users directory as well as a directory for my username.

 

On the D: drive where I have my data however, when clicking it, it first has me put my home PCs administrator password, but then says I don't have access to this device, and must use the security tab.  Looking at the popups describes how changing it might prevent the previous user from viewing which kind of concerns me.

 

Any suggestions?  Thanks



#5 SleepyDude

SleepyDude

  • Malware Response Team
  • 2,932 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Portugal
  • Local time:06:45 AM

Posted 17 April 2014 - 03:40 PM

 

Use this as a lesson learned and don't join a work computer to your personal workgroup in the future.

 

Ha ha, your funny!  No, I will NEVER forget.

 

To backup the data, I need access to the hard drive which was encrypted using bitlocker.  I gave them the key identifier for both my C: and D: drive, and they gave me the recovery keys for each.

 

When viewing the hard drive as an external hard drive on my home PC, both C: and D: have a users directory as well as a directory for my username.

 

On the D: drive where I have my data however, when clicking it, it first has me put my home PCs administrator password, but then says I don't have access to this device, and must use the security tab.  Looking at the popups describes how changing it might prevent the previous user from viewing which kind of concerns me.

 

Any suggestions?  Thanks

 

 

That is perfectly normal as your files belong to a different user.

 

If your company have access to Microsoft DART it supports bitlocker, using the encryption key for the C: drive it should be very simple to change the Administrator password.

Using the Administrator account and adding the machine to the domain should put everything back in order because your user account it's validated on the Domain controller.


• Please do not PM me asking for support. Post on the forums instead it will increases the chances of getting help for your problem by one of us.
• Posts in the Malware section that are not replied to within 4 days will be closed. PM me or a moderator to reactivate.
• Please post your final results, good or bad. We like to know! Thank you!

 
Proud graduate of GeekU and member of UNITE
___
Rui

 
 


#6 Kilroy

Kilroy

  • BC Advisor
  • 3,279 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Launderdale, MN
  • Local time:12:45 AM

Posted 17 April 2014 - 03:55 PM

If you take ownership of the drive and all of the folders when it is attached to your home machine you should be able to back up your data to your home machine.  I'd recommend checking in the C:\Users\YOURACCOUNT, where YOURACCOUNT is replaced with your work ID and make sure that there is nothing there, Favorites and Desktop come to mind, along with the data on D:.






1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users