Solved

Only Local Administrators can login

Posted on 2004-09-08
13
607 Views
Last Modified: 2012-05-05
No local or domain accounts can login unless they are member of the local administrators group

Log on locally settings checked in local policies, nothing restrictive there

Desktop fully patched

Behaviour: it accepts the username and password of any valid account, looks like it will login, goes to 'Loading Personal Settings...." Dialog, then goes straight to "Saving Personal Settings...." Dialog and back to CTRL+ALD+DEL Login window

It does create a local profile for the user, but kicks them out before getting to desktop

Any user added to the local administrators group can login fine but need to assign non admin account without wiping machine !

0
Comment
Question by:littlemissg
13 Comments
 
LVL 95

Expert Comment

by:Lee W, MVP
ID: 12005190
If you give the users local admin rights, log them in, then remove the local admin rights and log them back in, do they work normally?

I'm wondering if something with your default profile on that machine is screwed up.
0
 

Author Comment

by:littlemissg
ID: 12005970
good suggestion, I will try that asap
(machine is in diff location and cannot connect remotely prob due to same problem)
regards, LMG
0
 

Author Comment

by:littlemissg
ID: 12006673
Hi Leew

Tried that but no luck unfortunately.  Also deleted all local profiles (except AllUsers, Default & Administrator) to rule out any corruption, but same behaviour.

It would seem like its a policy or permission or registry corruption

LMG
0
 

Expert Comment

by:Bionicthumb2
ID: 12007307
Is a group policy object being applied to the machine from the domain or OU level?
Try running "gpresult -v" from the command-line to find out.

I've experienced the same behavior when there was no paging file configured for the workstation.
You might look at that.
0
 

Author Comment

by:littlemissg
ID: 12008705
Hi Bionichthumb2:

Both Domain and OU policies are being applied.
I have looked through the obvious Local Policy, User Rights Assignments etc. however and the effective setting should permit login to all.
There are several other machines in the domain with same policies applied.

I tried the Pagefile, there is one configured already.

Thanks anyway, any further ideas anyone ?

Regards, LMG
0
 
LVL 4

Expert Comment

by:averyb
ID: 12009826
Anything in Event Viewer on the machine in question?

Doesn't 2K only allow admins to login after all licenses on a network are used up?



0
Threat Intelligence Starter Resources

Integrating threat intelligence can be challenging, and not all companies are ready. These resources can help you build awareness and prepare for defense.

 
LVL 6

Expert Comment

by:Scott_Willcocks
ID: 12015364
does it happen in locally created account that will let you know if your .default profile is corrupt try creating a new user give them user rights and log on if it doesn't work then the .default is corupt

then create a local account and give local admin rights log in and
then copy the contents of the administrator profile into the .default making sure before you do it that you unhide all the files.

this will replace the .default with the current local admin account that can log on. then try and log on as a user.
0
 

Author Comment

by:littlemissg
ID: 12026151
Hi

Averyb:  re: EventViewer No I had checked there and it doen't log anything at all for the occurance of this
re: Licenses, I haven't heard of this, but don't imagine it should effect local logins, but if you know more about this if you think it may be it, let me know, thanks


Scott Willcocks:  I tried as you said, but unfortunately didn't work.  
Also logged in with Domain account with mandatory profile residing on server (so that I assume the Default Profile not reference) and same behavoiur, so it would seem we have ruled out it being a profile problem.  Thanks for suggestion though it sounded like good one and I was hopeful of its sucess.

Any other ideas anyone ?  I'm thinking it may be a registry corruption somewhere perhaps, but how to fix, without rebuild ??

Cheers,
LMG

0
 
LVL 6

Accepted Solution

by:
Scott_Willcocks earned 500 total points
ID: 12026512
I would logon and check these three files permissions

winlogon.exe
msgina.dll
and
user32.dll

see if system and admin has full control users should have at least read write permissions

also try setting windows logon debug

http://support.microsoft.com/default.aspx?scid=kb;EN-US;221833

and post log file..
0
 
LVL 6

Expert Comment

by:Scott_Willcocks
ID: 12026740
also check this registry key regedt32 and check the permissions as this key will hold the log on logoff dll information

HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon


0
 
LVL 6

Expert Comment

by:Scott_Willcocks
ID: 12026826
also do a search for userinit in the registry check the path hasn't been changed to c:\documents and settings\administrator\

or a folder that only the administrator has access to this will also cause a loop

some viruses have been none to do this

and do a search for the userinit.exe and  check the permissions on that file that is all
I can remember at the mo

hope this helps

need coffee now where is my manager?

:)

0
 

Author Comment

by:littlemissg
ID: 12028331
THANK YOU Scott

Started with your first suggestion and all files had no users, just administrators and one other user (this was a student user who was given local admin to setup machine, so obviously took full advantage of this privilege)
Anyway reset perms on those 3 files, this didn't work, but made me realise this student had stripped permissions from WINNT level for 'Users' group
So replaced these and all working again

Thank you, points well deserved

Cheers, I will enjoy my weekend now that that's sorted, it was buggin me :)

LMG
0
 
LVL 6

Expert Comment

by:Scott_Willcocks
ID: 12041862
glad to help I know how annoying these things can be :)
0

Featured Post

Better Security Awareness With Threat Intelligence

See how one of the leading financial services organizations uses Recorded Future as part of a holistic threat intelligence program to promote security awareness and proactively and efficiently identify threats.

Join & Write a Comment

Suggested Solutions

Title # Comments Views Activity
Active Directory Replication 10 1,129
Windows 2000 Server Pagefile.sys Error 7 636
Windows 7 7 255
Change port for terminal servers (2000 and 2003) 3 140
NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
HOW TO: Connect to the VMware vSphere Hypervisor 6.5 (ESXi 6.5) using the vSphere (HTML5 Web) Host Client 6.5, and perform a simple configuration task of adding a new VMFS 6 datastore.
Illustrator's Shape Builder tool will let you combine shapes visually and interactively. This video shows the Mac version, but the tool works the same way in Windows. To follow along with this video, you can draw your own shapes or download the file…
This video explains how to create simple products associated to Magento configurable product and offers fast way of their generation with Store Manager for Magento tool.

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now