Reset Windows local admin password
Occasionally you must do some sysadmin chores. So, I found myself having to onboard a local machine into Endpoint Manager. Little did I know that it would result in a machine had a local admin account that we couldn’t find the password for 🤕.
Reset password with a bootable USB-stick
Step one was to figure out how to reset that password. Armed with a blog How to Reset Forgotten Windows 10 Password with a Boot CD the steps seems to be straight forward:
- Stick in the bootable USB and boot from Windows (used a Windows 11 one)
- Press Shift + F10 in the WIndows Setup window
- Run
move c:\windows\system32\utilman.exe c:\windows\system32\utilman.exe.bak
- Followed by
copy c:\windows\system32\cmd.exe c:\windows\system32\utilman.exe
- Run
wpeutil reboot
and remove the USB stick
However if you would try this scenario with a BitLocker enabled device you get an error. BitLocker prevents tampering with the disk, so you will need to disable that first.
Temporary unlock BitLocker
Before running the move
and copy
commands you must unlock your drive. Doing that I found on How to Decrypt BitLocker-Encrypted Drive from Command Line. By executing the following command manage-bde -unlock D: -RecoveryPassword BITLOCKER-KEY
in the command line. Doing so temporary unlocks the drive and you will be able to execute your move
and copy
commands.
Reset password
If you execute the move
and copy
commands both files should be present. If so you can start your machine; click the ease of access icon and you will be presented with the utilman.exe
window. From this window you can run net user username password
where you can replace your username
and password
with values you like. The result will most likely something like this:
net user mylocaladmin newpassword
With that command executed the local admin account now has the new password. You can use that password to sign in right away and you are back into your system.
Took a few search actions but with that in place we could reset the local admin password and move on and get the machine linked to our Azure Active Directory.