?
Solved

Help with Security Policy

Posted on 2006-04-24
7
Medium Priority
?
226 Views
Last Modified: 2010-04-18
Ok, I have a tech that was making remote adjustments to a domain security policy.  I am not sure exactly what he has done but it seems he has disabled local login.  I get the standard can't log on interactively notice from all accounts, including admin accounts.  To make matters worse it appears he either removed terminal services or blocked remote access as well because I can't remote into the system anymore.

HELP Please I have to regain control of this server...and don't want to have to reinstall.
0
Comment
Question by:AkuHST
  • 3
  • 2
  • 2
7 Comments
 
LVL 11

Accepted Solution

by:
star_trek earned 1200 total points
ID: 16527764
go to the group policy tab  -click edit - go to conputer config - security settings - lical policies - user rights assts  

allow logon through terminal services, add admins and remote desktop users and also  check for deny logon through terminal services, remove all the users and groups that are allowed to logon to terminal services
0
 
LVL 11

Assisted Solution

by:star_trek
star_trek earned 1200 total points
ID: 16527814
Also at the same place "deny logon locally" remove the users that need to log on locally to the machine

Also at security settings - local policies - security options - change the interactive logon plocies according to your company's security policy
0
 

Author Comment

by:AkuHST
ID: 16528011
No the issue is I can't log into the server.  I know what needs to be changed, but I am unable to get past the login, even with full Domain admin access.
0
Prepare for your VMware VCP6-DCV exam.

Josh Coen and Jason Langer have prepared the latest edition of VCP study guide. Both authors have been working in the IT field for more than a decade, and both hold VMware certifications. This 163-page guide covers all 10 of the exam blueprint sections.

 
LVL 12

Assisted Solution

by:Rant32
Rant32 earned 300 total points
ID: 16529300
Do you have any machine (client or server) currently logged on?

Any other sibling/parent/child domains that aren't affected by the Domain policy?
0
 

Author Comment

by:AkuHST
ID: 16564826
Nope,  Ended up just reinstalling the OS.  Solved the problem...thanks to everyone what tried.
0
 
LVL 12

Expert Comment

by:Rant32
ID: 16569112
AkuHST,

Glad you got this sorted. Can you make a recommendation on what to do with the question, or close it?

Thanks.
0
 

Author Comment

by:AkuHST
ID: 16578795
Resolved with reinstall rather than presented solutions.

Rewarded points for assistance attempts.
0

Featured Post

Free learning courses: Active Directory Deep Dive

Get a firm grasp on your IT environment when you learn Active Directory best practices with Veeam! Watch all, or choose any amount, of this three-part webinar series to improve your skills. From the basics to virtualization and backup, we got you covered.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
This article provides a convenient collection of links to Microsoft provided Security Patches for operating systems that have reached their End of Life support cycle. Included operating systems covered by this article are Windows XP,  Windows Server…
Loops Section Overview
Is your OST file inaccessible, Need to transfer OST file from one computer to another? Want to convert OST file to PST? If the answer to any of the above question is yes, then look no further. With the help of Stellar OST to PST Converter, you can e…

840 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question