Could changing the admins password cause The local policy of this system not permit you to logon interactively

Story line:

A user of a remote 2k server was in the sharing and security settings of a server I manage remotely
I know this because when I did a remote admin into the system I caught them red handed,, grin

To prevent any further tampering with its security I took control and changed the administrators password
Changes were accepted with no warnings or errors.

I logged off the server and called the company to bitch. :)

Once my point was taken I tried to log beck into the server and I now get

“The local policy of this system does not permit you to logon interactively” Major Bummer!

After several attempts to login the system was restarted and windows changed what looked like every files security settings, it took 5 to 10 min to complete.

There network is back up but the server is running with out a driver,,, NO ONE had local login rights but the admin. And now the admin is out!

Questions:

 Could changing the admins pw cause this?

TIA
LVL 7
5thcavAsked:
Who is Participating?
 
farpostConnect With a Mentor Commented:
looks like you do not have local login right in your  policy.
Check this article:
http://www.jsiinc.com/subg/tip3300/rh3361.htm
0
 
Lee W, MVPConnect With a Mentor Technology and Business Process AdvisorCommented:
I've seen similar things, but for me, reboots solved it.
0
 
5thcavAuthor Commented:
It just seems very strange and highly unlikely by changing the PW would remove the admin from the local login especially when i caught a clueless employee in the user security settings via a remoteAdmin visit.
What timing! They won’t pay for me to come in a fix it. :)
0
2018 Annual Membership Survey

Here at Experts Exchange, we strive to give members the best experience. Help us improve the site by taking this survey today! (Bonus: Be entered to win a great tech prize for participating!)

 
snowsurferCommented:
What happened sounds like someone was messing with the local security policy.  You can set the machine to reboot after several failed attempts, this is to prevent a TSR program to load and bang away with dictionary attacks.  
0
 
5thcavAuthor Commented:
o dont think so, the server fully boots to the login screen where no uses even the admin have local login rights
i made sure only the admin could localy log into the servers desktop prior to the user removing the admin rights.

the office had the admins login id and password,  they used that to login localy. come to find out they had the security sheet next to the server.
0
 
5thcavAuthor Commented:
in any case i told them i would try and fix it using ntrights.exe from a remote login with the admin account for free and told them to find another admin for the 6 user network. they said not to bother.

i dont think they fully understand whats at stake when they get there brothers friends son of the guy next door to fix this issue. i have sql2k running, tape backups, raid drives, quickbooks and striped drives, firewalls and routing going.

its not going to be a pritty site.
0
 
5thcavAuthor Commented:
im not sure what happend my guess is someone added the admin to a group that didnt have local login access
and im going to STICK TO IT

thanks leew

thanks for the site farpost
0
All Courses

From novice to tech pro — start learning today.