Re: Locked out of Computer - "Deny logon locally = Administrator"
- From: Mister Gene <MisterGene@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Tue, 3 Jul 2007 18:28:00 -0700
Roger,
Thank you for your response. Since I have no network the drive was pulled
and is in a computer running Windows XP as D:\. This problem drive has
Windows 2000 on it. I have three (3) questions for you.
1. How do I access the NTFS security dialog?
2. How do I set a "Deny of Full for Administrators" on the directory
"system32\GroupPolicy".
3. Is "gpedit" part of Windows 2000 and is it run from the "RUN" menu or
should I just go to the Admistrative tools - Local Security Policy and change
it?
Sorry for so many questions but I'm not a IT guy... LOL
Mister Gene
"Roger Abell [MVP]" wrote:
If you can access the boot drive of that system via the network,.
such as by mapping c$ admin share, then do so. Otherwise you
will need to pull the drive and hang it as a secondary on the other
running system. Either way, once you can access the NTFS security
dialog, set a Deny of Full for Administrators on the directory
system32\GroupPolicy. If disk removal was needed, replace.
Reboot the system, log in as an admin, remove the Deny and then
immediately run gpedit and remove the offending policies.
"Mister Gene" <MisterGene@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:EDBE6FA8-07D9-43A2-89D4-0F4AF06AA303@xxxxxxxxxxxxxxxx
Please excuse the length of this post but I feel all the details might be
necessary.
I have a computer that has Windows 2000 Professional Edition installed in
it.
While adding a router to My home, I called My Internet Service Provider
because I was having a problem setting it up. The Tech found out that My
cable modem had 2 IP addresses in it one of which was not theirs and not
the
one for the router. He said that it looked like some other computer was
tapped into the modem on a remote connection. I explained to him that I do
not connect to My computer remotely at all. He said that a hacker may have
obtained access to My computer through that IP address.
After the Tech cleared out the modem, reset it remotely and helped Me
configure the router as a firewall, He suggested that I download and
install
from Microsoft the Microsoft Baseline Security Analyzer which he said
would
help protect the security of My computer even more. After downloading,
installing and running the MBSA it said that there was no Local Security
Policy set on this computer.
Reviewing instructions I found at Microsoft's web site on how to install a
Security policy, I picked one of the basic "*.inf" files and installed it.
After opening the "Administrator tools", "Local Security Settings", and
then
"Local Policies" and then "User Rights Assignments", I did something
REALLY
dumb...
I set ALL the Policies to "Administrator"!!!
So... You guessed it I locked Myself out of the computer by the policy
"Deny
logon locally = Administrator". I have access to another computer that has
XP
on it. I can take the hard drive from the one that has the problem and
install it into the one that has XP on it.
HELP!!! Is there any way to correct this???
(BIG Lesson learned here!!!!)
Mr. Gene
- Follow-Ups:
- Re: Locked out of Computer - "Deny logon locally = Administrator"
- From: Roger Abell [MVP]
- Re: Locked out of Computer - "Deny logon locally = Administrator"
- References:
- Re: Locked out of Computer - "Deny logon locally = Administrator"
- From: Roger Abell [MVP]
- Re: Locked out of Computer - "Deny logon locally = Administrator"
- Prev by Date: Re: Locked out of Computer - "Deny logon locally = Administrator"
- Next by Date: Re: Locked out of Computer - "Deny logon locally = Administrator"
- Previous by thread: Re: Locked out of Computer - "Deny logon locally = Administrator"
- Next by thread: Re: Locked out of Computer - "Deny logon locally = Administrator"
- Index(es):
Relevant Pages
|
|
