August 2007 - Posts

I've been using Vista for about four months now. I've gone from part-time to full-time Vista use, and must say that I like the extras Vista has to offer. As a business user, the BitLocker encryption alone makes it worth the price of admission.

For some reason today my laptop decided that it was no longer happy on the domain. The trust relationship was hosed. So without thinking too much about it, I removed the laptop from the domain.

What I forgot was that on the version of the Vista image I was running there was no local admin account. And the administrator account was, of course, disabled. So here I was, visions of re-imaging going through my head. And because of the BitLocker partition, there was no way I would be getting any of my data off of the drive beforehand.

On a whim I booted into Safe Mode. To my surprise, I was not required to authenticate and a desktop came right up. I was able to add a new user and make that user a local administrator. Then I rebooted, logged in as that new user, and joined the laptop to the domain.

So this looks to me like a big security problem. I can't really believe it was possible to do that. I freely admit that it could be a configuration problem with our image, and I'll be looking into that. We didn't do anything that I know of to allow this kind of thing to happen, so we're going to have to take steps to prevent it.

Posted by pwstrain | 2 comment(s)