Solved

local rule locks admin out! after reboot my w2k server declines any login by local or domain admin. is there any chance to login again?

Posted on 2004-03-23
6
147 Views
Last Modified: 2010-04-13
I have a 2 server system running. Maschine A is the DC and Maschine B will be used just as Fileserver. During setup everything was configured as a workgroup and later on I set up the DC and moved Maschien B onto the Domain. On Both Maschines the Terminal Services were installed and running. After Reboot of Maschine A all worked fine but Maschine B came up with a message that the terminal service licenz service could not start up. I didn´t mind that error as I was expecting to fix it later on but today I had to restart both maschines as new dirvers were installed and now Maschine B declines all login request by any admin (local or domain) the message tells me interactive login forbitten by local security settings. Is there any workaround so I could login with admin rights and try to fix the local login settings?
0
Comment
Question by:fm44
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
6 Comments
 
LVL 3

Expert Comment

by:infradawn
ID: 10657001
If B is still a member of the domain configure Group Policy (on the DC) to overide any local policy so that defined users (administators) are granted interactive logon on B.


iD
0
 
LVL 31

Expert Comment

by:Gareth Gudger
ID: 10657399
Try booting up machine "B" with "Last Known Good Config" if you haven't logged in since the problem occured. Worth a try.
0
 

Author Comment

by:fm44
ID: 10685795
I will try but actually I can´t log in with der domain admin either
0
Get 15 Days FREE Full-Featured Trial

Benefit from a mission critical IT monitoring with Monitis Premium or get it FREE for your entry level monitoring needs.
-Over 200,000 users
-More than 300,000 websites monitored
-Used in 197 countries
-Recommended by 98% of users

 
LVL 3

Expert Comment

by:infradawn
ID: 10702800
Do you mean that you can't logon to the DC either?

iD
0
 

Author Comment

by:fm44
ID: 10703105
No, sorry if I gave you the wrong impression. I can´t login on maschine "B" using the domain admin account.
0
 
LVL 3

Accepted Solution

by:
infradawn earned 500 total points
ID: 10712757
Ok, so you need to logon to machine 'A' (the DC) with your Domain Admins account and configure Group Policy (Restricted Groups) so that when that policy is applied to machine 'B' (every 90 minutes by default or after a re-boot) the local\administrators group on machine 'B' has the Domains Admin group as a member. Then you'll be able to logon to machine 'B' with any Domain Admins account.


iD
0

Featured Post

What Is Transaction Monitoring and who needs it?

Synthetic Transaction Monitoring that you need for the day to day, which ensures your business website keeps running optimally, and that there is no downtime to impact your customer experience.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
A couple of months ago we ran into an issue that necessitated re-creating our Edge Subscriptions. However, when we attempted to execute the command: New-EdgeSubscription -filename C:\NewEdgeSub_01.xml we received an error indicating that the LDAP se…
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…
Michael from AdRem Software outlines event notifications and Automatic Corrective Actions in network monitoring. Automatic Corrective Actions are scripts, which can automatically run upon discovery of a certain undesirable condition in your network.…

717 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question