• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 168
  • Last Modified:

Cannot logon to a Windows 2000 machine

Hello experts

This is a workstation running Windows 2000 Professional.  I changed some security settigs, but I was trying to allow myself to change some settings in Internet Explorer.  Once I had made the changes I tried to log back in and got the following eror message:

The local policy of this system does not permit you to logon interactively

I've tried logging in as adminsitrator and with my user login name.  I've tried both ways in safe mode.  They all give me the same error message.

Apparently I changed something I shouldn;t have, but since I can't log in I can't get back to the control panel to undo the changes.

Any ideas?

Thanks

thedslguy
0
thedslguy
Asked:
thedslguy
  • 2
1 Solution
 
imacgoufCommented:
0
 
imacgoufCommented:
See http://www.jsifaq.com/subg/tip3300/rh3361.htm


When you try to log on to your Windows 2000 computer, you receive:
The local policy of this system does not permit you to logon interactively.
This can occur if the Local Security policy has been set to deny local logon rights to Everyone.

To workaround this problem:
1. Connect to the problem computer with a Net use x: \\ProblemComputerName\C$ <Password> /u:Administrator
2. Navigate to the %SystemRoot%\Security\Database folder.
3. Rename Secedit.sdb to Secedit.old_sdb.
4. Copy an operational Secedit.sdb from a Windows 2000 platform of the same edition (Server to Server or Professional to Professional).
5. Shutdown and restart the problem computer.

NOTE: NTRights can be used to add the Log On Locally right remotely.

Other related: http://www.jsifaq.com/SUBP/tip7500/rh7579.htm


0
 
thedslguyAuthor Commented:
imacgouf:

I was posting a reply here and miskeyed so the grade showed up without any comments, but……

This post is coming from the problem machine!!   THANK YOU!!!!


Your first suggestion was a good start but your second suggestion was much easier.  I did modify it a little for my purposes.  I tried to access the machine remotely but the network path was not found.  Then I realized I just need access to that folder.  So I took the drive out and connected it to another W2K machine using an external housing and USB.  Then I did as you suggested (rename the old file and copy the needed file from the host machine).  After I got the drive back in and the machine re-booted It allowed me to log in.  I’ve decided to add that file to my “downloads” folder so I can access it from a command prompt in case I ever do this again.

Thanks again.  You saved me hours of rebuild time :)

thedslguy
0

Featured Post

The Firewall Audit Checklist

Preparing for a firewall audit today is almost impossible.
AlgoSec, together with some of the largest global organizations and auditors, has created a checklist to follow when preparing for your firewall audit. Simplify risk mitigation while staying compliant all of the time!

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now