got it!
From: Casey Boone (caseyb@yourclearwave.com)
Date: 08/23/02
- Next message: Tibor Biro: "encryption"
- Previous message: Eric Dycus: "Re: How to update workstations to IE Security update"
- In reply to: Casey Boone: "Re: local security policy"
- Next in thread: Tibor Biro: "Re: got it!"
- Reply: Tibor Biro: "Re: got it!"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "Casey Boone" <caseyb@yourclearwave.com> Date: Fri, 23 Aug 2002 12:22:56 -0500
w00t w00t
set up a batch file in the winnt folder so i could run a series of commands
(ran the batch from the task scheduler)
extracted to .inf files, found what i needed to edit
used this line in the batch to finally get it imported and changed (it was
stalling, and finally i realized it was asking me a question, so i made it
answer the question on its own)
echo y | secedit /configure /db C:\WINNT\security\Databases\secedit.sdb /cfg
C:\sec.userrights2.inf /overwrite /areas USER_RIGHTS /log
c:\sec.userrights.log /quiet > c:\sec.userrights.7.log
sec.userrights2.inf was a file that only altered the deny login so that it
was set to noone being denied login
and then i was in :)
i appreciate all your help, this wouldnt have been possible without you
pointing me in the right direction.
now i just have to clean up after all my break in attempts, no big deal :)
Casey
"Casey Boone" <caseyb@yourclearwave.com> wrote in message
news:um8$eLhSCHA.1976@tkmsftngp11...
> ive managed to force it to run a batch file on each system startup (via a
> remote group policy edit)
>
> im playing with secedit commands ran via that to see what i can make it
> export and import, i will keep you posted of my progress
>
> all in all i think i should find this to be hilarious... at least if i
wasnt
> the one responsible for it happening in the first place :\
>
> Casey
>
>
> "Tibor Biro" <tiborbiro@rogers.com> wrote in message
> news:1f6801c249e7$21069df0$9be62ecf@tkmsftngxa03...
> > Hi there,
> >
> > The local security database (at least the user rights
> > assignment part) is placed in
> > C:\WINNT\security\Database\secedit.sdb. If you have a
> > recent backup of that file you can restore it and try it
> > out. You also have to lower the version of the policy,
> > this one is in the C:\WINNT\system32\GroupPolicy\gpt.ini
> > file. Put it to 1 or something lower than whatever you
> > currently have.
> >
> > After this you want to make sure that the policy is
> > propagated so run these commands on the target machine
> > (you can use the scheduler to schedule remotely):
> > secedit /refreshpolicy user_policy /enforce
> > secedit /refreshpolicy machine_policy /enforce
> >
> > This might do the trick, let me know how it goes.
> >
> > And finally a warning:
> > I tested this but there is no guarantee that it will do
> > any good so please take the necessary precautions.
> >
> > Regards,
> > Tibor Biro
> >
> >
> > >-----Original Message-----
> > >i was altering some settings in the local security policy
> > app, wasnt
> > >finished with them, but i had to pause what i was doing
> > to take care of
> > >something else.
> > >
> > >one of the other techs wasnt aware of what i was doing
> > and logged me out
> > >thinking it best (as my account has admin rights, we have
> > a standing policy
> > >that you dont leave yourself logged in at the server with
> > an account with
> > >admin rights)
> > >
> > >now i cant log into the server (noone can)
> > >
> > >i do seem to have remote registry access (and i have the
> > login/pass-es for
> > >all of the ppl in the administrator group) i just cannot
> > find where to go to
> > >remove the policy and allow local login. i also have
> > access through
> > >management console on another machine.
> > >
> > >what i was doing was trying to just lock out
> > the "administrator" account
> > >from logging in and anyone in the users group, but it
> > looks like i managed
> > >to just lock everyone out. (i even created a user who was
> > not a member of
> > >the users group nor the admin group, but he still couldnt
> > log in either)
> > >
> > >
> > >this is a stand alone server, not running as a domain
> > controller. should i
> > >be looking for a file on disk? should i be looking for a
> > registry entry? i
> > >cant seem to locate anything in either that looks like
> > what i need.
> > >
> > >any help would be greatly appreciated
> > >
> > >Casey Boone
> > >
> > >
> > >.
> > >
>
>
- Next message: Tibor Biro: "encryption"
- Previous message: Eric Dycus: "Re: How to update workstations to IE Security update"
- In reply to: Casey Boone: "Re: local security policy"
- Next in thread: Tibor Biro: "Re: got it!"
- Reply: Tibor Biro: "Re: got it!"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
