Wednesday February 7th, 2018 12:08 A new Win10 update is borking domain machines; here’s how to fix it

So far this week, I’ve had three different users looking down the barrel at a BSOD after they did exactly what I asked by running a once-weekly reboot.

Win 10 hasn’t given me a lot of BSOD problems, and most of them have been a simple reboot and things were done. But this sum’bitch right here is nasty as hell.

You’ll end up with an infinite restart loop after a benign reboot – this is your warning sign that this is going to hurt.

asplode

Let’s not muck about with why or how this happened (might be this). Here’s what to do:

  1. Go into restore and pick the latest point you can find. Thankfully restore only messes with installed programs anymore, so it’s easy enough to deal with anything lost after this step.
    • At this point a domain machine will do the first fun thing, which is have a broken trust relationship, even if the restore point was from that same morning
  2. Log in with a local account
  3. Discover that, for no fucking reason at all that your local admin account is now a guest account
  4. Grab (or create if need be) a usb installer for Win 7/8/10 – all will work – and boot to that
  5. Use the Utilmon.exe replace trick (detailed in answer 2 here) and use that to enable the built-in administrator (or change the account type on the existing login)
  6. Sign in as administrator and give admin rights back to your other local account
  7. Unjoin the domain
  8. When that mysteriously fails, open Local Security and go to Local Policies -> User Rights Assignment and re-add your locals to the Back Up and Restore lists, which are now exclusively populated by de-coupled GUIDs
  9. Reboot, unjoin domain again, reboot, rejoin domain, reboot
  10. Drink. Heavily.

My second go at this went a lot easier than numbers 1 and 3, so you might get lucky and be able to skip a few steps. But don’t expect it.

Good luck, kids.

Los Commentos, as the French say

Your name

Your email

Your URL

Whois

IT guy, dev, designer, writer.

Got a degree in print journalism from UF but history dealt some bad cards to that industry, so I moved back to an earlier love: the computer.

Was recently at ZMOS Networks, but am now the Senior IT Associate at the Edna McConnell Clark Foundation.

My name is moderately common, as are a couple screen names, so always look for the logo to make sure you're reading something with official Km approval.

You can get to me directly with kyle(@)kylemitchell.org