Woe unto me. I’m nominating myself for a Darwin Award. Well, a computer-esque one anyway, seeing as I’m still alive. My work computer, however, is not because I killed it. And I had help too, but it was of my own doing: Microsoft didn’t hand me a loaded gun. Sure, there was a gun and yes there was ammo, but I loaded the weapon, pointed it at the hard drive, and pulled the trigger on my own. Yay for me!
Ever had a computer that was part of a domain? Sure you have. Have you ever wanted to change the name of a computer that was part of a domain? Maybe not. I did, though. So when I went to change the computer name, it told me that I couldn’t do that while it was part of a domain. This gave me pause, but I knew that the domain would automatically pick up the name change, so that quelled a concern. However, to make the change, I had to leave the domain then change the computer name and the when I rejoined the domain, all of the changed would be reflected.
Doesn’t sound so bad, does it? In fact, I had already done exactly that on this computer as well as on my notebook already this week. Basically you bounce to a local account to make an administrative change, and then rejoin the network. So I removed myself from the domain, it prompted me for my domain-based password, and it told me I could then reboot.
As the “saving changed” dialog we being shown, I thought, “Hm. Didn’t I delete my local account on this machine the other day? Oh shit.” The machine restarted: the domain was no where to be found, but that was to be expected. I try to log in with the local account. Uh-oh. I try to log in as Administrator without a password. Uh-oh. I try to log in as Guest. Uh-oh. I check with a few people in the group: no one has the valid Administrator password. Ha-ha, I hear a penguin laugh somewhere.
And so, here’s the rule of thumb: don’t ever remove yourself from a domain, if you don’t have a local Administrator account available.
Now how can I not blame Microsoft? First off, I probably shouldn’t have been running as an Administrator and since only Administrators can remove a machine from a network, I did this to myself. Also, it makes perfect sense that if you remove yourself from a network environment, and you don’t have an account that’s offline based, that you would be locked out of the machine. Not only is this a subtle layer of security, but it’s logical as well. I’m just annoyed at myself for stubbing my toe, so to speak.
That was my Friday. Monday was spent putting my machine back together, after a reformat – the good news was that I already knew where to find all of the applications I needed this time!
Week 2 continues…