Re: administrator unable to logon interactively
From: Steven L Umbach (n9rou@nsattbi.com)
Date: 10/20/02
- Next message: Charlie Tame: "Re: socksserver trojan"
- Previous message: Marc Hache: "Changed machine and domain name, can't login"
- In reply to: Steven L Umbach: "Re: administrator unable to logon interactively"
- Next in thread: neo [mvp outlook]: "Re: administrator unable to logon interactively"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "Steven L Umbach" <n9rou@nsattbi.com> Date: Sun, 20 Oct 2002 01:24:24 GMT
Oops - scratch the system state restore if you can't log on! I didn't get
much sleep last night. --- Steve
"Steven L Umbach" <n9rou@attbi.com> wrote in message
news:HPms9.16616$%d2.16418@sccrnsc01...
> You can't modify security settings remotely that way (everything
> but). Hopefully you have been doing system state backups and a
authoritatve
> restore should fix the problem. There is another way though if that is not
> an option assuming you can access the dcs' administrative shares from
> another computer. You could create a startup script that uses secedit to
> modify the security settings. You could use or create a security template
> that would either merge or replace the current security settings. You
would
> need to copy the .inf template and script to the dc and then remotely
modify
> startup script group policy on the dc controllers from a mmc group policy
> snap in on another domain machine. Reboot the dc and you should be in
> business. If you are not familiar with secedit, the online help for it is
> pretty extensive. Good luck. --- Steve
>
>
> "neo [mvp outlook]" <neo@mvps.org> wrote in message
> news:ulx4un2dCHA.1540@tkmsftngp11...
> > Have you tried installing the administrative pack on a windows 2000
member
> > server/workstation and modify the domain policy from there?
> >
> > "praks25" <praks25@aol.com> wrote in message
> > news:748001c27700$a0dfebd0$3bef2ecf@TKMSFTNGXA10...
> > > A member of the administrators group accidentally removed
> > > the "administrators" group from rights to logon
> > > interactively in the "domain controller policy settings"
> > > at the domain controller. this was immediately replicated
> > > to the secondary domain controller and no one in the
> > > administrators group including the administrator can logon
> > > to the primary domain controller or the secondary domain
> > > controller.
> > > the message received at logon attempts is this
> > > " the group policy of this system does not allow you to
> > > logon interactively"
> > > Is there anyway to fix this problem?
> > > Since the administrator cannot logon interactively the
> > > domain cannot be administered.
> > > any help would be appreciated
> > > thank You
> > > praks25
> >
>
>
- Next message: Charlie Tame: "Re: socksserver trojan"
- Previous message: Marc Hache: "Changed machine and domain name, can't login"
- In reply to: Steven L Umbach: "Re: administrator unable to logon interactively"
- Next in thread: neo [mvp outlook]: "Re: administrator unable to logon interactively"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
