Re: Interactivity Logon not permitted

• Previous message: Steven L Umbach: "Re: CHKDSK: Usn Journal Corruption"
• In reply to: G. Vaught: "Interactivity Logon not permitted"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Sun, 16 Oct 2005 19:16:17 -0500

Somehow you botched up the logon locally or deny logon locally user rights
or are trying to logon as an account that does not have logon locally user
rights. If you still have network access you should be able to use Computer
Management from your XP computer to view the security logs on the Windows
2000 computer to see what is recorded in the security logs [if auditing is
enabled for logon events] and you should also be able to view Local Users
and Groups to see what users are in the administrators group to try and
logon as. There is a free tool called dumpsec from SomarSoft that may allow
you to view the user rights of the Windows 2000 computer when installed on
the XP Pro computer and using the option for select computer. Another thing
you could try assuming you have network connectivity for file and printer
sharing between the two computers is to use psexec from SysInternals to
remotely access the command prompt on your Windows 2000 computer and run
commands such as secedit to try and reset user rights and security options
to default levels as shown in the first link below. Note that you have the
option to use the /areas switch if you do not want to reset everything
though at minimum I would start with user_rights and then try securitypolicy
if that does not help. --- Steve

http://support.microsoft.com/default.aspx?scid=kb;EN-US;313222 --- using
secedit to reset security settings to default defined levels
http://www.sysinternals.com/utilities/psexec.html --- psexec

.
"G. Vaught" <glvaught@hotmail.com> wrote in message
news:eMoGgpo0FHA.2076@TK2MSFTNGP14.phx.gbl...
>I don't know what I exactly did, but somehow I am prevented from not only
>logging on as an Admin, but under my own user name. The message I get is:
>"The local policy of the system does not permit you to logon interactively.
>I did a search on the Knowledge Base and did have info returned, but I
>accidently closed the results and now when I search again, I don't get the
>same results.
>
> I did see a similar post so I downloaded the Windows Server 2003 Resource
> Kit and tried a few things under ntrights, but I don't believe it will
> work from my laptop.
>
> Here is some background.
>
> Windows 2000 Pro NTFS Networked as a workgroup.
>
> Replaced current hd due to failure of other.
>
> Was in the process of trying to get back my ability to network from my
> laptop (Windows XP NTFS) back to my desktop.
>
> Was able to get reverse connection Desktop to Laptop, but can't from
> Laptop to Desktop through windows.
>
> Prior to goof, could log on as Admin w/password; could not logon with own
> username / password SO
>
> Open windows security to verify I had logon locally privileges. Made a few
> changes, some I remember:
> Renamed Administrator Account
> Disabled Guest Account
> Audit the access of global system objects to - Enabled
> Do not display last user name - Enabled
> Changed number of Logon cached from 10 to 5
> I do not think I denied anyone to log on locally, but may have added
> Guest.
> I do not think I change anything with requiring Domain Controller
> authentication to unlock workstation as I don't have a domain controller,
> just a workgroup
> I may have changed: Do not allow anonymous enumerations of SAM accounts
> and/or Shares. May have changed both to enabled.
>
> Any help in correcting this problem would greatly be appreciated.
>
> If worse comes to worse I guess I can reinstall Windows 2000 Pro. I did
> make a ERD yesterday, so I could apply this after the install and because
> of my other hd failure I do have data backups.
>
>
>

• Previous message: Steven L Umbach: "Re: CHKDSK: Usn Journal Corruption"
• In reply to: G. Vaught: "Interactivity Logon not permitted"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]