Solved

dumb noob mistake - permissions on C drive changed and can't log on at all W2k3 Server

Posted on 2007-03-27
7
164 Views
Last Modified: 2010-04-20
Ok. I can hear everyone yelling at me already. =(
We're going thru an Security Readiness Review and have been checking and configure servers we have on the network to make sure they're all compliant. I've been remotely logging on servers and manually checking and updating it. On one of the servers one of the "security alerts" that came up were improper ACLs to the C drive and it's sub folders. There were instructions on how to 'securely' set the permissions. So I went and changed it. Except I don't think I did it right. I'm not sure but I either may have accidentally messed up SYSTEM access or had not set Administrators access properly (although I swear I thought I did). And soon after I was unable to look inside the C drive or access any of the files. When I rightclicked the file and looked at the properites, the Security Tab disappeared. I went to the Start menu and tried to pull up Administrative Tools, but when I hover over it, it also comes up empty.
Then I did the major mistake. I told one of the other admins the problem and he suggested I try to log on using a local acct. I had reservations of logging off because I was afraid something bad might happen and I may not be able to access the Server.  But I did. I logged off. And tried to log back on (remotely). It failed. Went upstairs to the server and tried to directly log on the server, but it wouldn't come up with the username/pw prompt (it only came up with the CTRL+ALT+DELETE window and would keep jumping back to it).
Tried to manage it and it still wouldn't give me access. So now the server is basically unaccessible. Most likely because the system folders as well as everything else on the C drive is unaccessible. Short of taking the server down and reimaging it, is there anything I can do to set this right?
0
Comment
Question by:ThinkPaper
7 Comments
 
LVL 1

Expert Comment

by:Iateacricket
ID: 18803721
Not sure what services you're running, but if you're running exchange the exadmin account should be able to get in. If you borked the local, you should still be able to get in with a user that has domain admin access. Or I misread everything. :/
0
 
LVL 70

Accepted Solution

by:
KCTS earned 300 total points
ID: 18804059
If you have managed to remove permissions such to the extent that you can't even log in in safe mode then it looks like you are stuffed. Looks like a rebuild is on the cards.
0
 
LVL 48

Assisted Solution

by:Jay_Jay70
Jay_Jay70 earned 200 total points
ID: 18804107
ThinkPaper ,

not sure of the chances here but if you are running SP2 you can now use xacls from the recov console to reset permissions.....

Regards,

James
0
Best Practices: Disaster Recovery Testing

Besides backup, any IT division should have a disaster recovery plan. You will find a few tips below relating to the development of such a plan and to what issues one should pay special attention in the course of backup planning.

 
LVL 18

Expert Comment

by:Andrew Davis
ID: 18804154
as this is a server and dependant on how long you can afford to have it down (ussually not long) it sounds like its time to suck it up and ring microsoft support.
0
 
LVL 16

Author Comment

by:ThinkPaper
ID: 18808601
well, luckily the server isn't critical and isn't being used for any day-to-day things.. so i guess the answer is just reimaging it. >_<
0
 
LVL 16

Author Comment

by:ThinkPaper
ID: 18811038
well.. ended up reimaging it. a real careless mistake on my part. well.. i'll chalk it up to some onsite education.. O_O;
0
 
LVL 48

Expert Comment

by:Jay_Jay70
ID: 18812907
as long as you can take the positive!
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Internet Protocol Security question 3 73
Cygwin - GNU GPL License 1 25
Scheduled Tasks Tweak 5 32
Applications / Web Apps that enable highlighting text on Web Pages 3 25
Today, still in the boom of Apple, PC's and products, nearly 50% of the computer users use Windows as graphical operating systems. If you are among those users who love windows, but are grappling to keep the system's hard drive optimized, then you s…
An article on effective troubleshooting
As developers, we are not limited to the functions provided by the VBA language. In addition, we can call the functions that are part of the Windows operating system. These functions are part of the Windows API (Application Programming Interface). U…
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…

831 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question