?
Solved

local rule locks admin out! after reboot my w2k server declines any login by local or domain admin. is there any chance to login again?

Posted on 2004-03-23
6
Medium Priority
?
150 Views
Last Modified: 2010-04-13
I have a 2 server system running. Maschine A is the DC and Maschine B will be used just as Fileserver. During setup everything was configured as a workgroup and later on I set up the DC and moved Maschien B onto the Domain. On Both Maschines the Terminal Services were installed and running. After Reboot of Maschine A all worked fine but Maschine B came up with a message that the terminal service licenz service could not start up. I didn´t mind that error as I was expecting to fix it later on but today I had to restart both maschines as new dirvers were installed and now Maschine B declines all login request by any admin (local or domain) the message tells me interactive login forbitten by local security settings. Is there any workaround so I could login with admin rights and try to fix the local login settings?
0
Comment
Question by:fm44
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
6 Comments
 
LVL 3

Expert Comment

by:infradawn
ID: 10657001
If B is still a member of the domain configure Group Policy (on the DC) to overide any local policy so that defined users (administators) are granted interactive logon on B.


iD
0
 
LVL 31

Expert Comment

by:Gareth Gudger
ID: 10657399
Try booting up machine "B" with "Last Known Good Config" if you haven't logged in since the problem occured. Worth a try.
0
 

Author Comment

by:fm44
ID: 10685795
I will try but actually I can´t log in with der domain admin either
0
Get real performance insights from real users

Key features:
- Total Pages Views and Load times
- Top Pages Viewed and Load Times
- Real Time Site Page Build Performance
- Users’ Browser and Platform Performance
- Geographic User Breakdown
- And more

 
LVL 3

Expert Comment

by:infradawn
ID: 10702800
Do you mean that you can't logon to the DC either?

iD
0
 

Author Comment

by:fm44
ID: 10703105
No, sorry if I gave you the wrong impression. I can´t login on maschine "B" using the domain admin account.
0
 
LVL 3

Accepted Solution

by:
infradawn earned 1500 total points
ID: 10712757
Ok, so you need to logon to machine 'A' (the DC) with your Domain Admins account and configure Group Policy (Restricted Groups) so that when that policy is applied to machine 'B' (every 90 minutes by default or after a re-boot) the local\administrators group on machine 'B' has the Domains Admin group as a member. Then you'll be able to logon to machine 'B' with any Domain Admins account.


iD
0

Featured Post

U.S. Department of Agriculture and Acronis Access

With the new era of mobile computing, smartphones and tablets, wireless communications and cloud services, the USDA sought to take advantage of a mobilized workforce and the blurring lines between personal and corporate computing resources.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
In today's business world, data is more important than ever for informing marketing campaigns. Accessing and using data, however, may not come naturally to some creative marketing professionals. Here are four tips for adapting to wield data for insi…
Do you want to know how to make a graph with Microsoft Access? First, create a query with the data for the chart. Then make a blank form and add a chart control. This video also shows how to change what data is displayed on the graph as well as form…
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…
Suggested Courses

765 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question