net localgroup administrators localadmin \/add<\/p><\/blockquote>\n
![\"Image\"](\"https:\/\/foxdeploy.files.wordpress.com\/2013\/08\/6.png?w=646\")
<\/p>\n
Now simply logon with these credentials.<\/p>\n
![\"Image\"](\"https:\/\/foxdeploy.files.wordpress.com\/2013\/08\/7.png?w=650\")
<\/p>\n
To save on keystrokes, you can use .\\ notation to log on to the local system.<\/p>\n
![\"Image\"](\"https:\/\/foxdeploy.files.wordpress.com\/2013\/08\/8.png?w=650\")
<\/p>\n
And you\u2019re in!<\/p>\n
From here, you can use other means to reset your domain accounts to gain access to your lab again.<\/p>\n
As I mentioned earlier, the ability to launch a privileged command prompt at the logon screen allows for some curious behavior. \u00a0For instance, if you call Explorer, very interesting things happen. \u00a0Not as much fun on Windows Server 2012 or Windows 8. \u00a0On Server 2008 or Windows 7, you can have the Start Bar and desktop display over top of the logon screen!<\/p>\n
Here is an example of a similar situation, launching Explorer while a Task Sequence is running.<\/p>\n
![\"Image\"](\"https:\/\/foxdeploy.files.wordpress.com\/2013\/08\/example-start-screen-over-logo-task.png?w=650\")
<\/p>\n
This is also a potent security risk. \u00a0It is a reminder of why we always maintain physical control of our servers and encrypt our VM Virtual Hard Drives. \u00a0With the new ease of cloning Domain Controllers as VMs, someone might potentially attempt this on a domain controller. \u00a0If they are able to log on as the Local System or local Admin account to a DC, there is opportunity for mischief.<\/p>\n","protected":false},"excerpt":{"rendered":"
Do you ever get that sinking feeling, when you\u2019ve forgotten the root password to your test lab?\u00a0 Again? I hate it too!\u00a0 So I decided to figure out a way around it, using an work around. Reboot your VM with your Windows OS or Server install disc.\u00a0 Any version will work. Hit Shift+F10 for a […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[51,53],"tags":[],"class_list":["post-2110","post","type-post","status-publish","format-standard","hentry","category-server-virtualization-hyper-v-2","category-virtualization-virtual"],"_links":{"self":[{"href":"https:\/\/microsoftgeek.com\/index.php?rest_route=\/wp\/v2\/posts\/2110","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/microsoftgeek.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/microsoftgeek.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/microsoftgeek.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/microsoftgeek.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=2110"}],"version-history":[{"count":12,"href":"https:\/\/microsoftgeek.com\/index.php?rest_route=\/wp\/v2\/posts\/2110\/revisions"}],"predecessor-version":[{"id":2122,"href":"https:\/\/microsoftgeek.com\/index.php?rest_route=\/wp\/v2\/posts\/2110\/revisions\/2122"}],"wp:attachment":[{"href":"https:\/\/microsoftgeek.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=2110"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/microsoftgeek.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=2110"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/microsoftgeek.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=2110"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}
![\"Image\"](\"https:\/\/foxdeploy.files.wordpress.com\/2013\/08\/1.png?w=650\")
<\/p>\n![\"Image\"](\"https:\/\/foxdeploy.files.wordpress.com\/2013\/08\/2.png?w=650\")
<\/p>\n![\"Image\"](\"https:\/\/foxdeploy.files.wordpress.com\/2013\/08\/3.png?w=650\")
<\/p>\n![\"Image\"](\"https:\/\/foxdeploy.files.wordpress.com\/2013\/08\/4.png?w=650\")
<\/p>\n![\"Image\"](\"https:\/\/foxdeploy.files.wordpress.com\/2013\/08\/5.png?w=650\")
<\/p>\n