Originally posted by: bsobel
Either way, it's a rather broken, brain-dead, mis-feature, that a normal user can lock-out and override Administrator.
But they can't. For the 'true' administrator to be hidden there must be one admin privledged other account on the system. That account can do whatever is neeed.
I'm really not sure why you are saying that - I've seen it personally. A WinXP (Pro) SP1 system, with the (default) "Administrator", and at least one (normal) "JoeUser" account.
JoeUser logs in, and leaves themself logged in. FUS is enabled. If I hit C-A-D or whatever to bring up the "simple" login screen, I am blocked from using C-A-D again to get past that, to be able to login as "Administrator". So the "normal" user, whom I don't have the password to their account, has kept me locked-out of the machine, unless I power-off the machine, which of course will most likely cause dataloss.
The workaround, of course, is to create an additional, non-default named user, that is part of the "Administrators" group. I'm guessing that the non-default named admin account should show up on the "simple" login screen alongside the other named accounts. The fact that the default Administrator account is so hidden, and hitting C-A-D multiple times at the login screen when a normal user is already logged in, doesn't allow accessing Administrator, in the same way that it would if no-one was currently logged-in, is the severely-broken mis-feature here.
Originally posted by: bsobel
it should prompt for forcibly logging-off the "normal" user, almost like when an Admin logs in via RDP
I've had the same thought as you on that...
Bill
I really question the sanity of some of MS's software design, it's as if they never actually use their own software, or something. (Yes, I know about the supposed "dog food" development process, but still... I question it.)