Cannot access Domain Controller or Domain Group Policy Objects
Posted on 2004-10-19
Environment: Windows 2003 Enterprise /IIS 6.0 web server- all critical updates
The problem DC holds the FSMO roles in a domain with 2 other DCs. AD integrated DNS.
I made some changes to my Domain Security Policy and the local Domain Controller Security Policy on the FSMO DC.(the same entries were changed in the DC GPO And the Domain GPO at the same time). Don't ask me which ones at this point, although I did enable the Rename Administrator Account which I think is causing some problems :)
I am signed in as administrator. Now I can't get to either the DC or Domain GPO so I can make changes. The system has locked me out. I tried a reboot with F8, Domain Controller recovery in Safe Mode but it didn't work. I am still locked out of the GPOs.
I am getting 1202 SceCli errors with an error code of 0x4b8, but there is no specific KB article addressing this problem.