Solved

Windows 2k Pro GPO's

Posted on 2004-04-07
7
126 Views
Last Modified: 2010-04-13
I've recently set some GPO's on a Win2k Pro box while logged in with an acct that has admin rights.  One thing I did was to enable renaming of the Admin acct.  Somewhere along the way, the admin acct now has a username of "Enabled".  Now I can't view the Local Security Policy in the MMC anymore. Nor can i log in as "Enabled".  I can't even view the properties of my own acct in the Users/Groups MMC.  Is there a way to set all the security policies back to default?
Thanks
0
Comment
Question by:NYOMSF1
7 Comments
 
LVL 16

Accepted Solution

by:
JamesDS earned 250 total points
ID: 10775770
If this machine is on a domain then you can fix the policy at domain level or at local level from another workstation using the MMC Snap in "Group Policy" and pointing it at the appropriate place (domain or local policy)

If this is a standalone box then you will still need another machine to be able to fix it properly - assuming you can even connect to the box remotely, which is looking pretty unlikely

However, if you boot from the CD and use the recovery console you can use DOS commands to navigate to \\WINNT\SYSTEM32\CONFIG and delete the SAM file. This will wipe out all your local accounts and policies and reset the account to Administrator with a blank password BUT (BIG BUT)

This is a **very** destructive thing to do, you will lose any settings attached to your local accounts and anything that you have encrypted with certificates will be gone permanently

Use only as a last resort

Cheers

JamesDS
0
 
LVL 1

Expert Comment

by:lesgetdown
ID: 10776029
Here's another little trick that can be applied as well
Create a boot disk and then boot to this disk for the capability of being able to change the local administrator or other user passwords.

Check out this site for info how:

http://home.eunet.no/~pnordahl/ntpasswd/bootdisk.html


les
0
 
LVL 16

Expert Comment

by:JamesDS
ID: 10776077
certainly this is worth a try and WAY less destructive than killing the SAM file, but I'm not sure the password is the issue here. I think the system is just not happy with having an admin account called "enabled"

JamesDS
0
Complete VMware vSphere® ESX(i) & Hyper-V Backup

Capture your entire system, including the host, with patented disk imaging integrated with VMware VADP / Microsoft VSS and RCT. RTOs is as low as 15 seconds with Acronis Active Restore™. You can enjoy unlimited P2V/V2V migrations from any source (even from a different hypervisor)

 

Author Comment

by:NYOMSF1
ID: 10784834
Thanks!
I can access the GP MMC from my XP box. Both standalone, but still don't have access to view 'the template' when trying to open the
0
 
LVL 16

Expert Comment

by:JamesDS
ID: 10785736
erm, where's the rest of the question!

JamesDS
0
 
LVL 9

Expert Comment

by:jdeclue
ID: 11998569
No comment has been added to this question in more than 21 days, so it is now classified as abandoned.

I will leave the following recommendation for this question in the Cleanup topic area:
    Accept: JamesDS {http:#10775770}

Any objections should be posted here in the next 4 days. After that time, the question will be closed.

jdeclue
EE Cleanup Volunteer
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Group Policy 9 558
Windows 2003 server: List of EVENT IDs 1 714
Active Directory Replication Problem after creating new NIC's VMWare ESXi Windows 2000 3 791
windows explorer 21 172
NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
When rebooting a vCenters 6.0 and try to connect using vSphere Client we get this issue "Invalid URL: The hostname could not parsed." When we get this error we need to do some changes in the vCenter advanced settings to fix the issue.
Migrating to Microsoft Office 365 is becoming increasingly popular for organizations both large and small. If you have made the leap to Microsoft’s cloud platform, you know that you will need to create a corporate email signature for your Office 365…
Both in life and business – not all partnerships are created equal. As the demand for cloud services increases, so do the number of self-proclaimed cloud partners. Asking the right questions up front in the partnership, will enable both parties …

863 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now