SAL logon after changing unknown Windows Password in a domain

  • Article ID: 107861
  • Updated: 27 Mar 2014

SafeGuard Easy multi-platform 4.5x

Client OS

Windows 2000 Professional SP4, Windows XP SP2 Professional Edition

Server OS

Windows 2000, Windows 2003


How to get access to a SafeGuard Easy secured system if the Windows password is unknown and the password
needs to be changed using password synchronisation.


We have two users:
1. Domain user named "domain" with password "test"
2. SafeGuard Easy user named "Easy" with password "secure"

The customer now gets back from holiday and has forgotten his password.

To solve this situation the following steps need to be performed:

1.Create a new windows password for "domain" using the password reset function of Windows 2003 Server.
The new password now is "temp"

2. Create a challenge response code that allows the user to change the password of "Easy" from "secure" to

After changing the password the boot process will continue. The SafeGuard Easy SAL tries to logon the user
"domain" into the windows domain using the old password "test". This fails and user is prompted to type in a new
windows password. Type in the new password for windows which was created in step 1 -> in this case "temp".

Now the SafeGuard Easy synchronisation process starts and the user is prompted for his SafeGuard Easy password. At this point the password that was created in step2 has to be entered -> this will be "encryption".

The next time the user boots up the system following credentials need to be entered at PBA level to log on:

User ID: Easy
Password: encryption

The system then will automatically pass trough to the users desktop.

The user does not have to change the Easy password again after performing above mentioned solution!
The user can create a new (secure) password during the challenge response process.

keywords: sge

If you need more information or guidance, then please contact technical support.

Rate this article

Very poor Excellent