I created 2 new admin accounts which have domain admin and enterprise admin accounts on a domain controller, disabling the old administrator account.
Unbeknown to me, the person that installed the server used Group Policy to lock down access to the old administrator account only. Interactive login is not allowed on the 2 other domain admin accounts. This is a local policy.
I can access the server in safe mode and active diectory restore mode, but this client has not had a backup for a week (I don't believe new accounts have been created) but when running in either of these modes, the tape device drivers are not loaded.
To make matters worse, the previous person stated that the only person that can access PC's is the administrator account for the domain NOT domain admins. Was going to use the admin pack/dsa to re-enable the account to get in and remove the policies.
Is there a way I can disabled group policy (Registry/remove policy files) to disable it? or does anyone know a way to get back into this server?
The guy who installed it is not available to conatct for the moment.
A very frustrated/hairless techie.