• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 181
  • Last Modified:

dumb noob mistake - permissions on C drive changed and can't log on at all W2k3 Server

Ok. I can hear everyone yelling at me already. =(
We're going thru an Security Readiness Review and have been checking and configure servers we have on the network to make sure they're all compliant. I've been remotely logging on servers and manually checking and updating it. On one of the servers one of the "security alerts" that came up were improper ACLs to the C drive and it's sub folders. There were instructions on how to 'securely' set the permissions. So I went and changed it. Except I don't think I did it right. I'm not sure but I either may have accidentally messed up SYSTEM access or had not set Administrators access properly (although I swear I thought I did). And soon after I was unable to look inside the C drive or access any of the files. When I rightclicked the file and looked at the properites, the Security Tab disappeared. I went to the Start menu and tried to pull up Administrative Tools, but when I hover over it, it also comes up empty.
Then I did the major mistake. I told one of the other admins the problem and he suggested I try to log on using a local acct. I had reservations of logging off because I was afraid something bad might happen and I may not be able to access the Server.  But I did. I logged off. And tried to log back on (remotely). It failed. Went upstairs to the server and tried to directly log on the server, but it wouldn't come up with the username/pw prompt (it only came up with the CTRL+ALT+DELETE window and would keep jumping back to it).
Tried to manage it and it still wouldn't give me access. So now the server is basically unaccessible. Most likely because the system folders as well as everything else on the C drive is unaccessible. Short of taking the server down and reimaging it, is there anything I can do to set this right?
2 Solutions
Not sure what services you're running, but if you're running exchange the exadmin account should be able to get in. If you borked the local, you should still be able to get in with a user that has domain admin access. Or I misread everything. :/
If you have managed to remove permissions such to the extent that you can't even log in in safe mode then it looks like you are stuffed. Looks like a rebuild is on the cards.
ThinkPaper ,

not sure of the chances here but if you are running SP2 you can now use xacls from the recov console to reset permissions.....


Train for your Pen Testing Engineer Certification

Enroll today in this bundle of courses to gain experience in the logistics of pen testing, Linux fundamentals, vulnerability assessments, detecting live systems, and more! This series, valued at $3,000, is free for Premium members, Team Accounts, and Qualified Experts.

Andrew DavisManagerCommented:
as this is a server and dependant on how long you can afford to have it down (ussually not long) it sounds like its time to suck it up and ring microsoft support.
ThinkPaperIT ConsultantAuthor Commented:
well, luckily the server isn't critical and isn't being used for any day-to-day things.. so i guess the answer is just reimaging it. >_<
ThinkPaperIT ConsultantAuthor Commented:
well.. ended up reimaging it. a real careless mistake on my part. well.. i'll chalk it up to some onsite education.. O_O;
as long as you can take the positive!
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

The 14th Annual Expert Award Winners

The results are in! Meet the top members of our 2017 Expert Awards. Congratulations to all who qualified!

Tackle projects and never again get stuck behind a technical roadblock.
Join Now