Cannot Shutdown or Restart Windows 2003 Server (Domain Controller)

I have a Windows Server 2003 box that will not let me shut it down or restart.

The "shut down windows" box only has a "Log off [user]"

Every administrator has logged into the box with the same error.  I have not tried creating a new administrator in Active Directory, but will try that tomorrow morning.

Have attempted to shutdown/restart from the command line with shutdown.exe [attmepted with -i  and -r], but get a message reading "Access is denied.(5)"

The last action that I have taken on the box was to reinstall Symantec Backup Exec 10 (recovering from a disk array crash last week, the backup software would not allow me to back up to tape following recovery, so I was attempting to remove and reinstall it.)  I was able to restart after the removal.  However, I have not been able to do so since the reinstall.

Short of pulling the plug or holding in the power button, any thoughts on how I can reboot the machine?  

I have seen a suggestion (http://www.experts-exchange.com/Operating_Systems/WinXP/Q_20756919.html) for psshutdown (http://www.sysinternals.com/ntw2k/freeware/psshutdown.shtml), and will try this tomorrow if we can't get to the root of this today.

FYI There is a very limited window of opportunity for attempting as this is a critical box that I can only attempt to reboot at 6 AM Eastern.
NPSRWRAsked:
Who is Participating?
 
chuck-williamsCommented:
Is there more than one domain controller. If so and the other DCs are logging in fine then the above suggestion may not be helpful.
0
 
chuck-williamsCommented:
I would check the local security policy and see who has rights to shut down the system. It may have been corrupted or Administrators may have been removed for some reason.

If you go to Administrator Tools and Local Security Settings. Then you navigate to Local Policies and User Rights Assignment look and see who has rights to shut down the system.
0
 
NPSRWRAuthor Commented:
Hi chuck-williams,

I don't have a Local Security Settings in Administrative Tools.  Is there another way to find this?

Perhaps because this is a domain controller I have to access these settings through Active Directory?

Thanks!
0
Ultimate Tool Kit for Technology Solution Provider

Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy now.

 
NPSRWRAuthor Commented:
I meant to mention there is nothing in the Event log (that I can find) related to the Access Denied message following the shutdown.exe invocation.
0
 
chuck-williamsCommented:
Oh then you need to check the Domain Controllers Security Policy.
0
 
NPSRWRAuthor Commented:
Hi chuck-williams,

I think you may be on to something.  I hadn't tried logging in to the other Domain Controller.  It is a Windows 2000 Server box.  I tried logging in as two members of the Administrators group and get this message:

"The local policy of this system does not permit you to logon interactively."

In the group policy for Domain Controllers, for the Log on locally and the shut down the system Policies, the Policy Setting includes "Administrators."  

The users that I have attempted this with are members of the built in "Administrators" group.  I added myself explicitly, and am still getting the same message (however, I'm not sure how long I would need to wait for the change to propogate to the DC.

Any thoughts?

Thank you for your help thus far!

0
 
NPSRWRAuthor Commented:
I tried logging in to the second domain controller and am now able to login.  So clearly I hadn't waited long enough.  The administrator account could not login (I did not).

The second domain controller also only gives the "Log off [user]" option as well

It seems as though Active Directory has stopped recognizing the members of the built in Administrators group, or at least the DCs have.

Thank you for you help, chuck-williams!

I will post a second question to see if you or someone else can come up with an explanation as to what happened to cause this.

0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.