Solved

Breaking Policy Win XP/SP1 Professional

Posted on 2004-10-26
295 Views
Last Modified: 2013-12-23
Is there a way to break a customized policy that was set as the Administrator?  How can I gain access to the registry and GPEdit.msc without reimaging drive?
0
Question by:contesa
    11 Comments
     
    LVL 2

    Expert Comment

    by:gavin_wickens
    Are you part of a domain or looking at a workgroup machine?  If you logged in as administrator are you restricted?
    0
     

    Author Comment

    by:contesa
    This pc is logging into the local work station ( there is no network policy).  By mistake a restrictive policy was set under the local admin account that restricted use of regedit, gpedit.msc, most items in the control panel.
    0
     
    LVL 2

    Expert Comment

    by:gavin_wickens
    Can you create another admin user and log in as that?
    0
     

    Author Comment

    by:contesa
    No because of the restrictiveness of the policy it is reading....... I need a way around the policy.
    0
     
    LVL 2

    Expert Comment

    by:gavin_wickens
    You will need to delete all .pol files.  I am assuming you can't do that due to policies..
    0
     
    LVL 2

    Expert Comment

    by:gavin_wickens
    Can you connect to the machine via netowork before you login and map a drive to \\problemmachine\c$ and then delete all .pol files?
    0
     
    LVL 1

    Expert Comment

    by:tricep
    If you boot into safe mode, is your regedit still locked down? Safe mode will bypass quite a few things, this might be one of them.
    0
     

    Author Comment

    by:contesa
    no, because of the policy.  I can't get to the .pol files. I tried to boot the pc into safe mode but that would not let me into the registry or gpedit.msc.    

      Please give a more detailed explaination on connecting to the machine via the network and mapping a drive to \\problemmachine\c$.  Keeping in mind that this is a novell network.
    0
     
    LVL 2

    Assisted Solution

    by:getzie
    As a low tech solution you could boot with a Knoppix CD that can read the partition and delete the .pol files.  Alternatively if the is a Win2K or XP box you could boot to the install CD and get to the repair console and  delete the pol files out that way.  This way you defeat the policies because you are booting to another OS.
    0
     
    LVL 1

    Assisted Solution

    by:tricep
    If you are on a Novell network, you could try and delete the .pol files through the login script.

    1) make a batch file to delete the .pol files and place it in a folder of your choosing (local machine or network)
         @ECHO OFF
         CMD /C DEL <PATH TO .POL FILES>
    2) run the batch file from the user's login script who will be logging in
        #z:\public\delpol.bat (assuming your batch file would be called delpol.bat and placed in the public folder on the z: drive)

    The login script might be run under some system process that could possibly allow it to delete files logged in users may not be able to do.

    gb

    Also, the batch file is written for Win2K/XP, so it would have to be modified for Windows 98, etc.
    0
     
    LVL 2

    Accepted Solution

    by:
    Can you logon to another PC (ensuring problem pc is on), right click my computer and select manage. Right click computer management local and select connect to another computer and connect to problem machine.  Once connected create a new local user on that machine and make it a memeber of the administrators group.  You should now be able to log on to problem pc with new account.  Regedit etc are user level policeies so you should be able to sort yourself out as there are no user policies set.
    0

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    IT, Stop Being Called Into Every Meeting

    Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

    Sometimes you might need to configure routing based not only on destination IP address, but also on a combination of destination IP address (or hostname) and destination port number. I will describe a method how to accomplish this with free tools. …
    I'm a big fan of Windows' offline folder caching and have used it on my laptops for over a decade.  One thing I don't like about it, however, is how difficult Microsoft has made it for the cache to be moved out of the Windows folder.  Here's how to …
    This Experts Exchange video Micro Tutorial shows how to tell Microsoft Office that a word is NOT spelled correctly. Microsoft Office has a built-in, main dictionary that is shared by Office apps, including Excel, Outlook, PowerPoint, and Word. When …
    In this sixth video of the Xpdf series, we discuss and demonstrate the PDFtoPNG utility, which converts a multi-page PDF file to separate color, grayscale, or monochrome PNG files, creating one PNG file for each page in the PDF. It does this via a c…

    856 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    12 Experts available now in Live!

    Get 1:1 Help Now