Avi Vaserman, owner of Canadian MSP Sytex Ltd and an Atera client has been using Command Prompt tool and he liked to share his own experience and success story.
“We all know users and un-experiencing IT personal make a lot of mistakes. Although mistakes happen, knowing how to fix them quickly can be a valuable skill.
In the last couple of years, I found that Local IT admin can disable local administrator accounts on the computer. The reason for this is because people are scared that the computer will be hacked or a person who actually works on the machine can take control and make some issues. That’s actually a good idea, but at the same time, it is a bad idea. This is because you might delete a computer name from the domain by mistake and then add another computer with the same name to a domain. The computer will lose a trust relationship with a domain.
In this situation, local admin accounts are disabled, and the computer loses a relationship with a domain. You will have to send a tech on the site and give them a USB bootdisk to load a system to safe mode from the USB, get to SAM files, reset the password or create a password, log into the computer and then manually rejoin the computer or create a new relationship. Then it will work, or you could restore the object from tombstone AD. In a server situation, it can almost be the same.
However, the technician on site can cost the customer money.
If your agent is ON and the computer responds and is connected to the network, you do not need to do that. You can make it work remotely.
If the computer object still exists in AD or is deleted by mistake or the computer or Server lost a relationship with the domain, you do not need to send a tech on site.
Simply follow a rule:
- Go to Atera Agent.
- Open a command prompt and run net user administrator /active: yes, to enable local admin
- Then set the password net user administrator password
- Login to the computer with the local administrator
Resume the relationship with a domain and you are ready to login back with the domain username
Test –> ComputerSecureChannel –> Repair –> Credential (get-credential)
This takes less than 15 minutes of work and you are not required to send a tech to the Client.
However, if you like PowerShell, you can run from command prompt PowerShell command.
“Our mission is to help YOU streamline and simplify your MSP / IT business. The better we understand what YOU want and need, the better we can serve you and the entire IT community.
So, if there’s something you need from our full-package MSP solution that you’re not seeing, let us know. We’re happy to connect with you and discuss getting you what you need.”
