• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 143
  • Last Modified:

Windows 2k Pro GPO's

I've recently set some GPO's on a Win2k Pro box while logged in with an acct that has admin rights.  One thing I did was to enable renaming of the Admin acct.  Somewhere along the way, the admin acct now has a username of "Enabled".  Now I can't view the Local Security Policy in the MMC anymore. Nor can i log in as "Enabled".  I can't even view the properties of my own acct in the Users/Groups MMC.  Is there a way to set all the security policies back to default?
1 Solution
If this machine is on a domain then you can fix the policy at domain level or at local level from another workstation using the MMC Snap in "Group Policy" and pointing it at the appropriate place (domain or local policy)

If this is a standalone box then you will still need another machine to be able to fix it properly - assuming you can even connect to the box remotely, which is looking pretty unlikely

However, if you boot from the CD and use the recovery console you can use DOS commands to navigate to \\WINNT\SYSTEM32\CONFIG and delete the SAM file. This will wipe out all your local accounts and policies and reset the account to Administrator with a blank password BUT (BIG BUT)

This is a **very** destructive thing to do, you will lose any settings attached to your local accounts and anything that you have encrypted with certificates will be gone permanently

Use only as a last resort


Here's another little trick that can be applied as well
Create a boot disk and then boot to this disk for the capability of being able to change the local administrator or other user passwords.

Check out this site for info how:


certainly this is worth a try and WAY less destructive than killing the SAM file, but I'm not sure the password is the issue here. I think the system is just not happy with having an admin account called "enabled"

Train for your Pen Testing Engineer Certification

Enroll today in this bundle of courses to gain experience in the logistics of pen testing, Linux fundamentals, vulnerability assessments, detecting live systems, and more! This series, valued at $3,000, is free for Premium members, Team Accounts, and Qualified Experts.

NYOMSF1Author Commented:
I can access the GP MMC from my XP box. Both standalone, but still don't have access to view 'the template' when trying to open the
erm, where's the rest of the question!

No comment has been added to this question in more than 21 days, so it is now classified as abandoned.

I will leave the following recommendation for this question in the Cleanup topic area:
    Accept: JamesDS {http:#10775770}

Any objections should be posted here in the next 4 days. After that time, the question will be closed.

EE Cleanup Volunteer
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now