Taking control of his own machine

Not being administrator on his own Windows-based PC or laptop is a real shame. It prevents the installation of most software programs and some settings are not accessible. This issue is most commonly caused by system administrators in a need for a power trip, but it could also happen on a home computer configured for multiple users. One could run on user accounts and sometimes, less and less often, switch to an administrator account to install software programs. The inevitable then happens: forgotten administrator password.

The simplest solution in this case is to wipe the computer and reinstall Windows, but I needed to do better than this two years ago. This post describes what happened and what I did to get around the issue. Anyone trying this should be careful and be aware that this could cause trouble, especially if the gained privileges are misused afterwards. I only gained administrative privileges on a testing ultrabook. That couldn’t and didn’t grant me any permission on other systems.

A new but limited ultrabook

Friday, April 26 2013, I got a new Windows 8 ultrabook at my workplace. It was officially to test a Windows-based virtual assistant we were developing at that time, but that machine could do more: temporarily replace my official work laptop which was becoming too sluggish. Replacement of the old laptop was delayed for procedural reasons. I knew I could install my stuff on the ultrabook without disturbing the virtual assistant application, so the ultrabook could perform both functions.

The Monday after, I was heading to the Burlington office of my company to provide technical support for people there. I wanted to bring that new ultrabook with me so I needed to install a couple of programs on it before leaving. Unfortunately, I quickly noticed, Friday at the end of the day or during the weekend, I don’t remember, that I couldn’t install JDK on the machine because I was not administrator. I wasn’t sure I would be able to get IT from granting me the administrative privileges by Monday just before leaving and wanted to get some stuff installed before Monday.

Feeling a bit cow boy, I wanted to hack my way around this issue. Not being administrator on my corporate laptop is a concern for me. At my current workplace, this is not an issue, but I heard this is a problem in other companies. Having a last resort way out seemed useful to me. I just found out this way, and that leaves almost no traces if everything goes well. Keep in mind this impacts just the hacked computer, nothing else on the network.

Shutting down Windows 8 properly

The main idea of my strategy was to boot the ultrabook into Linux, mount the Windows partition and hack the registry to do something about the unknown administrator password. For this, Windows 8 has to be shutdown properly. There is a new feature called hybrid startup causing the shutdown to be unclean and preventing Linux to mount the Windows partition read-write. Fortunately, this can be worked around by cleanly shutting down the PC. The simplest way is to start a command prompt (Windows key + R, then cmd), and type shutdown /s /t 0. Two years ago, I also found out I could hold Shift key while clicking on the Shutdown button, but I’m not sure this works anymore.

Booting Linux

Then I needed to boot into Linux. The simplest solution is to use Offline NT Password Recovery & Registry editor, but it was not compatible with UEFI at that time and I wasn’t sure I would be able to perform a non-UEFI boot on this Dell’s XPS13 ultrabook.  Moreover, I cannot find the download anymore for the tool. It seems that we now have to email the author to get the hidden link. I find this quite bad practice and when that happens, have a tendency to look elsewhere.

I thus tried to boot Ubuntu, and I had to do it from a USB key because there is no CD/DVD drive in the XPS13. I don’t remember exactly how I got the Live USB key. I probably used the Live CD/DVD/USB Creator tool built into Ubuntu, but other pages such as this one give clues about how to create it from Windows.

I then had to modify the BIOS/UEFI settings of the ultrabook to alter boot priority. If I remember well, I had to hit F2 while the XPS13 boots, before Windows starts of course. I managed to get the ultrabook from UEFI boot the USB stick, but that crashed after the boot. I thus had to enable legacy boot and then boot the USB key in MBR, non-UEFI mode.

chntpw

After I successfully booted into Ubuntu Live USB, I started a terminal and entered sudo apt-get install chntpw. This installed the Offline NT Password Recovery tool. I just tested while writing this post on a Ubuntu 15.04 box and that still works!

After the tool was installed, I of course started it: sudo chntpw. I followed the instructions. I was offered the opportunity to reset the administrator password, but I didn’t like this, because I would not be able to restore the ultrabook in its original state: my hack would leave a trace. I found a better option: active the hidden Administrator account! After this was done, I rebooted into Windows and was able to log in as Administrator.

I don’t remember if I absolutely had to restore UEFI settings to disable legacy boot in order for Windows 8 to boot again, but I did it for my intervention to be as clean and traceless as possible. At worst, I would have obtained an error message when attempting to boot without the USB key and would have had to alter boot priority and/or disable legacy boot: no harm done to Windows.

One step further

The problem was solved, but I wanted to step even further: transfer the gained administrative privileges to my regular user account! For this, while logged in as the local Administrator, I had to access Control Panel, then Administrative settings, then Local users and groups. Unfortunately and very shockingly, this option has been completely hidden away in Windows 10: you once again have to search on Google and figure out you need to press the Windows + R keys to open the Run dialog, type lusrmgr.msc, and click/tap on OK. I hope one day Microsoft will understand this is very bad and frustrating practice that will make many power users, including me if I could, migrate to Mac OS X.

I then selected Groups, double-clicked on Administrators and clicked Add to add a member. The system offered me a dialog box to type the user name to add, but Windows was unable to find my user name of the form <company name>\<user name>.

I don’t know how I thought about it, but I figured out that Windows would need to access my company’s active directory service to resolve user names to IDs. Since I was at home, I needed to establish a VPN connection. I thus installed the Cisco VPN client on the ultrabook (I would need it anyway afterwards), then was able to add my user account to the local Administrators group. I don’t know exactly how I got the VPN client: maybe I had one copy lying around on my main computer for obscure reasons, maybe I turned on my main corporate laptop to download it, don’t remember. I was also able to hook up to the VPN from Ubuntu without a tool downloadable only from my company’s Intranet. But I got VPN and that worked.

After I did that, I logged back as my regular user, was able to install JDK without any issue, then I went back into Local Users and Groups, selected Users, double-clicked on Administrator and disabled the account. That closed the back door I used to gain administrative privileges, without taking away my new rights.

Will this always work?

No. Unfortunately, I can imagine ways to prevent this trick from working. The easiest way is to set up a password preventing access to the BIOS settings. Not being able to modify BIOS settings means impossibility to alter boot priority. With that enforced, the only workaround would be to remove the SSD from the machine, install it in another computer running Ubuntu and run chntpw, making sure it would work on the SSD, not on a potential main Windows install in dual boot on the Ubuntu box! Removing a SSD from a laptop or ultrabook is sometimes a risky operation, sometimes requires disassembly of the keyboard, memory modules, casing, etc. Not sure I would have attempted it.

Of course, the latter workaround miserably fails if the disk is encrypted, e.g., with Symantec’s PGP Whole Drive Encryption. One possible workaround may be to get the SSD out again, install it on a Ubuntu box itself running Symantec’s PGP and, if the encrypted drive’s password is known, maybe it is enough to decrypt the drive and mount it, allowing chntpw to work on it. It could also happen that the encryption key is made of the user’s password and a hash derived from computer’s information. In that case, it could be quite hard to work around the protection. One possibility, if the BIOS is not password-protected, may be to boot into a Live USB Ubuntu, install the encryption tool and try to decrypt the drive on the local computer itself.

Windows 10: a new hope or not?

Since I moved to Windows 8 two years ago, I experienced several issues with my system. There was nothing major, and only suspicions that the cause was Windows 8 itself, so I was worried about finding the same issue after downgrading to Windows 7. I thus kept that Windows 8 installation and lived with the hurdles.

In particular, Windows 8 broke NTFS support in Ubuntu, periodically preventing my hard drive to show up. I had to disable the new hybrid startup to get rid of this problem. However, a few months later, the issue showed up again until I completely disable hibernate using an obscure impossible to remember command. That had a strange side effect of shutting the computer down after the computer was in standby for too long, so I had to disable automatic standby as well.

One day, all of a sudden, system completely stopped working, I had to refresh the PC, which completely destroyed all my configuration. Instead of reinstalling all drivers and applications, I just restored a CloneZilla image.

Sometimes, login becomes slow. The computer starts at normal speed, I reach the login screen, then I have to wait 30 seconds between the time I type my password and reach the desktop. Usually, I’m not experiencing this ridiculous delay, but it happens often enough to bother me. I have a Core i7 with a SSD, so I find this quite bad that Windows compensate the hardware efficiency without software delays!

There is also that intricate audio issue making computer-assisted music a pain: computer refuses to shut down after a session in Ableton’s Live, Live suddenly refuses to start and requires reinstallation of Visual C++ libraries, sound starts to be choppy when using ASIO for playback or recording, S/PDIF distortion with my M-Audio Fast Track Pro when hooked to my UltraNova synthesizer, etc.

The only “solution” I was getting was to downgrade to Windows 7, because Microsoft is releasing one good version of Windows out of two. But I was worried that downgrading would cause me activation issues and didn’t want to come back with my old Windows 7 problem of low contrast between selected and unselected menu items. I have this issue at work and the only fully working patch is to completely disable Aero theme, falling back to classic theme.

The upgrade

Rather than letting Microsoft decide for me when I would get this upgrade to Windows 10, I downloaded the Windows 10 setup tool and ran that in order to download the new system and transfer it on a USB key. I put this USB key aside for the day I would be ready to attempt this upgrade.

I tried the upgrade on Saturday, August 22 2015, a few weeks after the official release. Before my attempt, I checked that all my main applications and device drivers would be available. I also backed up all my data and created a new CloneZilla image of my SSD containing Windows 8.1 and Ubuntu 15.04 in dual boot.

My first idea was to completely wipe Windows 8.1’s partition and install Windows 10 fresh, eliminating all quirks and issues that could arise from this old and possibly altered Windows 8.1 setup. Unfortunately, things didn’t go as straight as I expected. I was certainly able to boot from my Windows 10 USB stick, reached an installer, but I was blocked at the step requesting a product key. None of my Windows 8 and Windows 7 keys worked. There was a button to ignore the step, I thought about trying that and attempting the activation later, maybe an update would allow my old product key to work, or maybe the validation of the product key required Internet connection which was not available because my network interface wasn’t supported or initialized at this time.

Instead of running the risk of not being able to activate my freshly installed Windows 10, I turned on my ultrabook and searched on the Internet. I first got a forum post suggesting to call Microsoft, maybe they would be able to perform the activation by phone even though it doesn’t work by Internet. No way! I didn’t want to spend frustrating minutes trying to enter a validation key that the operator would dictate me, one hand on the keyboard, one hand to hold the phone, just because Microsoft cannot evolve. Fortunately, I searched a bit more and found out that the upgrade process allowed to wipe out pretty much everything: installed application and user’s configuration.

I thus decided to try this instead of fiddling with activation issues I tried to avoid since two years by refraining from downgrading to Windows 7! I thus restarted into Windows 8.1 and executed the setup program on my Windows 10 USB key.

I had the choice between preserving all my applications and data, only the data or nothing at all. I first thought about the third option, to start as fresh as possible, but I was worried that Windows could destroy all my partition layout, including my data drive. I didn’t want to reinstall Ubuntu and uselessly restore all my data from backups so I chose the second option: preserve data but remove applications.

After the setup program restarted my computer, I got stuck with a boot error message. I first thought Windows installation messed up and I would have to attempt the clean install and then work around activation hurdles, but I quickly found out that the error was related to GRUB. A bit annoyed by the fact once again, Windows broke GRUB which is needed to boot Ubuntu, I restarted my machine and changed the boot option to start Windows instead of Ubuntu. I was then able to resume Windows installation, which went well after this small hick up.

Cannot login!

After upgrade completed, I got the new welcome screen, very similar to Windows 8.1’s. I entered my usual user name and password and got an error message: invalid password. I tried many times, same issue. I first thought about this stupid annoying insane caps lock: no, caps lock was off. I then thought there was a networking issue. Since I am using a Microsoft account to login, my password is stored both on my local machine and on Microsoft’s server. The format of the password cache may have changed between Windows 8 and 10, so a first login in Windows 10 could require network access. Maybe, I thought, the network interface is not detected or requires a driver that I would have to install in safe mode. Quite bad, definitely Windows installation is harder and harder and we will soon have to forget about any upgrade, unless we get a new computer with preinstalled OS.

Fortunately, the problem was simpler, far simpler, almost shockingly simpler: Windows 10 reset keyboard to France French AZERTY! I found an icon that allowed me to set the keyboard at login time back to Canadian French, then my password worked!

Good news

After these initial issues (cannot clean install, killed GRUB and login problems), I was able to reach the desktop and things went quite smoothly. Windows 10 desktop is quite similar to Windows 7.

Capture d'écran 2015-08-29 13.55.45

The start menu, which was removed from Windows 8, is back again and works pretty well.

Capture d'écran 2015-08-29 13.56.02

The contrast issue between selected and unselected menu items didn’t come back. The new start menu is a bit easier to use than Windows 7 one.

I didn’t care about the personal assistant Cortana and the new Web browser Edge, but I really liked the fact that the Alt-Tab finally works correctly. Since Windows 7, when I was pressing Alt-Tab and holding Alt, pressing Tab to toggle between opened windows, I always had to be careful not to select the desktop which was listed in the proposed targets. I did this mistake again and again, especially when struggling with problems, and that makes things annoying. The only workarounds was to stop using Alt-Tab and fiddle with the mouse instead, or alleviate with solutions such as Virtuawin. Windows 10 helped with that by removing this fake desktop window from the targets proposed by Alt-tab switcher.

Capture d'écran 2015-08-29 13.56.21

Even with that small improvement, there is still a need to group windows into virtual workspaces for efficient navigation. Windows 10 finally addressed this through builtin virtual desktops. This feature is activated by pressing Winows-Tab, then it is possible to pick another desktop or create a new one.

Capture d'écran 2015-08-29 13.57.08

I was worried that Microsft would, like Apple, implement this in a poor way, making it totally useless. On some implementations of virtual desktops, namely the Apple one, but also on some versions of GNOME 3, Alt-Tab shows opened windows from all desktops, making the grouping totally useless for me. Virtual desktops is then useful only for people able to have multiple windows opened side by side on the screen. In my case, I almost all the times have a maximized window because with the larger fonts I need to use, I cannot stuff as much information in windows than with most other users. I was happy that Windows 10 correctly honored the grouping of windows when pressing Alt-Tab.

However, I’m still unsure this will be efficient for me to use. For now, I didn’t find any effective way to go from one desktop to another. I had to press Windows-Tab, then Tab, then arrow keys, then Enter. I will probably always mess up in the sequence, e.g., press arrow keys before Tab. However, the ackward user interface may be compensated by better reliability since the feature is builtin rather than hacked using windows hiding like Virtuawin does. I hope I will get less random issues like keyboard not working after switching to a new desktop, Virtuawin offering to close itself when pressing Alt-F4, instead of closing the current window, etc.

Another improvement is the possibility of disabling DPI scaling for 64 bits application without fiddling into the registry. Up to Windows 8.1, this was possible only for 32 bits applications, so for Ableton Live, which causes issues with DPI scaling, I had to use a registry tweak. This is annoying, hard to remember and prone to disasters. What if by mistake I remove a registry key?

I also liked that the Explorer now groups the favorites and libraries in the same list rather than having two separate lists. Since Windows 8.1, i have to spend almost 20 seconds each time I want to reach my Dropbox folder. When I start Explorer with Windows-E, the Dropbox shortcut isn’t shown so I have to scroll up. Mouse wheel doesn’t work so I have to locate the too small scroll bars and use that, or try with my touch screen. Sometimes it works, sometimes it moves stuff around!

Capture d'écran 2015-08-29 13.56.12

Software compatibility

I read quite a bit of concerning forum posts about broken programs in Windows 10. In particular, several people had issues with Ableton’s Live 9.1, the program I use for computer-assisted music. I’m underusing it quite a bit for now, but I would like to continue exploring it. My hope is to make better use of it at some point in my personal progression in musical creation. Some people were saying Ableton’s Live 9.2 Beta version worked better. Fortunately, that Beta became final before I upgraded to Windows 10 and Ableton didn’t charge upgrade fees, so I got the new version without any hesitation. For now, it works correctly, but I didn’t try to push it hard yet: no ASIO, no multitrack recording, etc. It will come, and hopefully it will have less issues than with Windows 8.1.

I didn’t install the driver for my M-Audio interface yet. I’m still using the interface built into my UltraNova, for which Windows 10 compatibility is official as opposed to M-Audio’s Fast Track Pro. My concern is that the installation may mess things up and cause issues that will be entangled with other problems. I will thus make sure everything is stable before dropping this driver in, and probably even be as paranoid as creating a new CloneZilla image before installing that piece of software. If the M-Audio interface is flawed with Windows 10 as with Windows 8.1, I will have to consider purchasing a new one: minimum four inputs, maybe eight if that’s not over-expensive, I’ll see. If Live is also unstable, I may have to try my luck on a brand new Mac and probably end up setting a lower resolution than my LCD native one because fonts are too small on Mac OS X and cannot be enlarged in a consistent way.

Ninite installed most of my main applications: LibreOffice, Firefox, Thunderbird, etc. GNU Emacs still works, same for Minecraft, both FTB Monster and Agrarian Skies 2 packs. I also installed the latest version of Bandicam, which seems to work, but I didn’t perform any gameplay recording since my upgrade.

I don’t know about Corel’s VideoStudio yet. I am using this sometimes flaky tool to perform basic editing on my Minecraft gameplay videos. I am planning to upgrade this thing to the latest version, which hopefully will address potential Windows 10 issues. I didn’t read any positive or negative reports about this software program on the new Windows.

I’m a bit concerned with VirtualBox, whose version 5 has issues with Windows 10. They don’t tell anything about version 4.3, which I chose conservatively because I was putting up a virtual machine at my work place shared with colleagues. Fortunately, I don’t absolutely need VirtualBox for my personal use now. It may just be useful as a backup solution if I work from home one day and my work laptop fails, but I still have to check that Cisco’s AnyConnect VPN correctly works wih Windows 10. Anyway, i still have the option to boot into Ubuntu, where Cisco’s VPN and VirtualBox work!

Ubuntu threatened once again

The day after my Windows 10 upgrade, I tried to repair my Ubuntu boot. First, I booted back into GRUB, hoping it would work. Windows 10 should have only changed its stuff in the ESP, leaving GRUB intact. No, no luck. I was sent to a rescue prompt. I tried to enter commands without success. I tried “help”: still no luck. I would thus have had to check on the Internet to figure out what basic rudimentary commands this tool accepts. Why didn’t it offer online help?

Tired of fiddling with Ubuntu, I rebooted into Windows 10, now ready to delete its partition, enlarge Windows 10 partition and install a fresh new Ubuntu in a VirtualBox virtual machine. I was a bit sad to downgrade Ubuntu from being a first class operating system to a Microsoft’s slave, but I felt it was better for my mental health to do it sooner than later.

However, I got blocked by multiple unknown partitions preventing me from just enlarging Windows 10 space. I would have to remove my Linux partitions and then move these unknown partitions, unless I knew for sure I could delete them as well. To figure this out, I had to reboot into a Ubuntu Live DVD. I then found out that I never downloaded any Ubuntu 15.04 ISO! I ended up trying with 14.10 and got confirmation that the unknown partitions contained Windows recovery data: better to preserve them.

While booted into Ubuntu Live DVD, I decided to restore GRUB. This went well, but I had to use the contorted method consisting of making a chroot environment with my Ubuntu installation and reinstalling GRUB from there

Surprise: the nasty pig once again wasn’t finding out my Windows partition! I had to search on my blog posts to figure out how I addressed this in the past. Last time, my ESP wasn’t set up with the Boot flag. But this time, my ESP was correct. Oh no, don’t tell me Windows 10 messed up with things so this time I will have to manually add it to the GRUB menu, and redo it each time something upgrades the kernel! Before resorting to do and redo that, I rebooted into Ubuntu, which worked, tried to rerun update-grub, and this time, Windows loader got detected! Phew!

Why does standby and hibernate work only on laptops?

The day after the upgrade, I left my machine unattended for some time. When I came back, it was in standby mode. I turned the computer back on, things seemed to work right, then poof, blue screen. According to the error message, there was a corrupted driver. System had to reboot once again. This is not the first time I have to reboot the whole system to get out of standby or hibernate, and that happens only on desktop computers. On laptops, standby and hibernate wok correctly. I got more issues on Linux with this than on Windows, but it also happens on Windows, without any clear solution other than trying random things and reinstalling pretty much all drivers, without any chance of success. Maybe standby and hibernate should just be disabled by default on desktops, this is just too annoying to have to reboot to get out of this state! After that issue, I just disabled the automatic standby, so it won’t happen again until I decide to give it a new shot later on. I didn’t get other blue screens after this.

Seems NTFS-3G requires a patch that doesn’t come up

As I wrote above, since Windows 8, I am having issues with mounting my NTFS partitions under Ubuntu. The partitions just don’t mount, until I reboot into Windows, then reboot back into Ubuntu. NTFS-3G, the driver used by Linux to read/write NTFS, would definitely need to be patched to deal with incorrectly unmounted partitions. This is far from great, but this is needed because Microsoft is doing messy stuff with NTFS. Before we get this patch, all we can do is disable hybrid startup.

This time, the issue was more severe. Rather than just not mounting NTFS drives, Ubuntu refused to boot completely. I don’t know exactly why, and wasn’t able to perform any diagnostic, because the rescue prompt that came up was shown with too small fonts. I ended up rebooting, which just froze things up, no way to start up Ubuntu, even in single-user rescue prompt!

When this happened, next Tuesday after my upgrade, I rebooted into Windows to make sure at least my SSD wasn’t dead, then rebooted back into Ubuntu… with success!

Later on, I disabled this hybrid startup once again, and that seemed to have fixed things. I didn’t get other Ubuntu issues since then.

How about my ultrabook?

The situation on my Lenova IdeaPad ultrabook was a bit complicated. First, the machine had Windows 8.1 home edition, so unless I upgraded it to professional edition first, I had to download another installation medium instead of reusing the USB key I created for my main PC. Moreover, I got no prompt offering me to upgrade to Windows 10 like the ones that showed up on my main PC, so it was possible the machine runs a special Lenovo version of Windows 8. If I upgrade to Windows 10 in such a case, it may either just fail, either I will get flaky behaviors.

In particular, when I flip my ultrabook into tablet mode, the mechanism disabling the keyboard is software-based. Some people who tried Ubuntu on this model reported that the keyboard was still working when the machine was flipped into tablet mode. Without Lenovo’s customizations and drivers, I may get this incorrect behavior in Windows 10. Even worse, the touch screen may just not work. I thus had to be careful when upgrading this machine, and make all possible backups before, and be mentally ready to fight against this machine and then downgrade back to Windows 8.1.

On September 19, 2015, things changed slightly: I got the notification about upgrade being available for my ultrabook. I proceeded with the upgrade on Saturday, October 3, ater I backed up the machine using CloneZilla. The upgrade happened without issue, except the machine seemed slower after. However, things settled after a few days and the system is responding correctly.