Re: Logon Error Msg: local security policy won't permit interactive lo
From: Roger Abell (mvpNOSpam_at_asu.edu)
Date: 11/30/04
- Next message: Steven L Umbach: "Re: Logon Error Msg: local security policy won't permit interactive lo"
- Previous message: Steven L Umbach: "Re: Logon Error Msg: local security policy won't permit interactive lo"
- In reply to: Steven L Umbach: "Re: Logon Error Msg: local security policy won't permit interactive lo"
- Next in thread: Steven L Umbach: "Re: Logon Error Msg: local security policy won't permit interactive lo"
- Reply: Steven L Umbach: "Re: Logon Error Msg: local security policy won't permit interactive lo"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Mon, 29 Nov 2004 20:35:04 -0700
Hi Steve,
Actually, with a parallel install, one can set a deny on the
%system32%\group policy folder (deny administrators) of
the other system, just like one does with access via a network
share mapping.
This prevents application during the admin login so that
they can then remove the deny and edit the policy to remove
the offending setting.
-- Roger "Steven L Umbach" <n9rou@n0-spam-for-me-comcast.net> wrote in message news:JJRqd.176476$R05.95923@attbi_s53... > The link below shows two ways to do it but both require the help of another > computer on the network. > > http://www.jsiinc.com/SUBG/TIP3300/rh3361.htm > > If you don't have another computer to help you, the only alternatives I know > are to install a parallel operating system to try and replace the > secedit.sdb file from the parallel installation. Otherwise you will need to > do a fresh install of the operating system - an upgrade install will not > work if I remember correctly. What you could do is to reinstall the > operating system into the existing \winnt folder being sure NOT to format > anything. You would follow the prompts to install the operating system onto > the same drive and then the installation will warn you that an existing > installation exists and ask if you want to install to the existing \winnt > folder. When you select yes I believe you have to select L to proceed. > > The advantage of this type of install is that your data and original > profiles will be preserved but all your applications [other then Internet > Explorer] will have to be reinstalled, probably to existing locations as in > "on top" of themselves. You would then have to install the latest service > pack and critical updates and find your old profile under documents and > settings folder to copy your data, emails, etc. That could be a lengthy task > if you do not have a high speed internet connection and you would have to be > sure that a firewall protects your computer before connecting it to the > internet. Also if you happen to have any EFS encrypted files they will be > lost forever if you do not have a backup of your EFS private key used to > encrypt the files in a .pfx file somewhere. > > Otherwise try a parallel installation first though there is no guarantee > that replacing secedit.sdb on the locked out install will work. The upside > is that if it works, all your applications will still work and you will not > have to install service pack or critical updates and at the very least you > will have access to your data, though you will probably need to take > "ownership" of the profile folders first as an administrator. To do such you > will need to boot from the cdrom drive and install a new copy of the > operating system, preferrably to another partition of your hard drive and do > NOT format a partition unless you are willing to lose all the data on it. > See the link below for more info. Good luck. --- Steve > > http://support.microsoft.com/kb/266465 > http://support.microsoft.com/default.aspx?scid=kb;en-us;308421 -- works the > same in W2K. > > "retjefe" <retjefe@discussions.microsoft.com> wrote in message > news:ECF36415-812F-4FDA-8217-639EE77466DD@microsoft.com... > >I messed up while creating a user account for my kid and setting > >permissions > > in W2K Professional (SP-2 was last update) ... After reading article ID > > 285793 on the subject, I think I know what I did wrong and how to fix it(I > > accidentally set the "Deny logon locally" parameter). The resolution in > > the > > article however, assumes you can get logged on ... I can't get past the > > logon > > screen. I tried lauching in safe mode and I tried using my W2K startup > > disc > > w/CD support but neither way worked. Is there any way to bypass the > > "applying local security policy" function when windows launches so that I > > can > > actually get logged on to fix my mistake? > > > > Any help would be greatly appreciated. > > Russ > >
- Next message: Steven L Umbach: "Re: Logon Error Msg: local security policy won't permit interactive lo"
- Previous message: Steven L Umbach: "Re: Logon Error Msg: local security policy won't permit interactive lo"
- In reply to: Steven L Umbach: "Re: Logon Error Msg: local security policy won't permit interactive lo"
- Next in thread: Steven L Umbach: "Re: Logon Error Msg: local security policy won't permit interactive lo"
- Reply: Steven L Umbach: "Re: Logon Error Msg: local security policy won't permit interactive lo"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
