And today’s idiot award goes to…

07 Nov

And today’s idiot award goes to…Me.

One of my test networks experienced an Active Directory issue a few days ago which resulted in several computer accounts being reset, including the server which is running my development copy of MDT 2010. Since I couldn’t recall what I’d set the local admin password to, and wasn’t able to log in with a domain account, I resorted to my trusty and oh so simple Utilman.exe hack to get a shell on the server and reset my password. Essentially this involves replacing utilman.exe with cmd.exe so that you can press Ctrl+U at the logon screen to get a command prompt with System level privileges, allowing you full, unauthorized access to the box.

Unfortunately, I was having a numpty moment and ended up replacing cmd.exe with utilman.exe. I have just spent hours troubleshooting MDT 2010 wondering why it is suddenly unable to update my deployment share. And while cursing MDT, I was also idly wondering why the stupid “ease of access” center kept popping up. Hm, could it possibly be because MDT calls cmd.exe (or in this case utilman.exe pretending to be cmd.exe) to copy files around?!

In my defense…well…actually, I can’t think of a defense for this one. I shall just go and sit in the dunces corner for an hour!!

Leave a comment

Posted by on November 7, 2011 in Security, Work


Comments are closed.

%d bloggers like this: