Re: Locked out of Win2k Server
From: Mark Gamache (mark.gamache_at_css-security.com)
Date: Fri, 11 Feb 2005 11:26:58 -0800
If you have a machine that is in a workgroup, but has the adminpack.msi
installed, so it can manage domains, you can login locally to it, and then
use Run As to connect to the domain and edit the GPO. This uses DCOM, if I
recall, none the less, you aren't logging in interactively.
-- Mark Gamache Certified Security Solutions http://www.css-security.com "Don Wilwol" <firstname.lastname@example.org> wrote in message news:usNEKgGEFHA.624@TK2MSFTNGP09.phx.gbl... > It sounds like you inadvertently set the policy on the default domain > policy, or you linked it to the domain and not the OU. > > Maybe somebody else has a magic cure. I don't think there is an easy fix. > > dw > > -- > Don Wilwol > http://spaces.msn.com/members/wilwol/ > > > "[-=Dan=-]" <email@example.com> wrote in message > news:3746bpF59esocU1@individual.net... >> "Don Wilwol" <firstname.lastname@example.org> wrote in message >> news:OWd$WTEEFHA.1496@TK2MSFTNGP14.phx.gbl... >>> I'm not sure I fully understand. You can not log onto the domain from >>> anywhere, or just from the one server. If you can get to the policy, you >>> should be able to undo your mistake. If you can log on from anywhere, I >>> had a colleague that had a customer do the same thing. I found this hack >>> for him. We never got to try it, they wound up restoring AD from backup, >>> but if its the last hope! >>> http://www.commodore.ca/windows/undo_group_policy.htm >>> >>> >>> good luck >>> >>> dw >>> >> The strangest thing. I just rebuilt the member server, did all the >> windows updates, installed AVG software. Runs ok. As soon as I join it >> onto the domain, when I reboot I cannot log into the domain, or locally. >> Get the same message. How can a user policy that I applied to an OU that >> contains one user, be applied to this server? I'm well stumped. I don't >> want to rebuild both servers.... >> >> Any thoughts *GREATLY* appreciated... >> >> Dan >> > >