Domain Admin can't login to a vista computer if locked by a user, why?

In a Server 2003 Enviroment where all workstations have smart cards installed I've noticed I can't log into Vista computers if the user has the workstaion locked. In Win XP i see the "this workstaion in in use and has been locked..." message so i press Ctrl Alt Del and after entering my credentials it forces that user off and lets me log in. Vista however gives me the same message but i can't enter my credientials. It gives me a screen like the login one with boxes for the currently logged on user or smart card. No "other" box like the login screen does where I could enter admin credientials. How can I as admin get it so i can logonto a computer locked by a user without killing power and restarting?
charles_dilgerAsked:
Who is Participating?
 
charles_dilgerConnect With a Mentor Author Commented:
I just figured this out but I don't know why its like this. When you first press crtl alt del and get the options for the current user or the smart card you can hit esc a few times and it goes back to a press crtl alt del screen again but this time when you do that you get a new option "switch user" it let's me log in with any other user admin or not. It doesnt let me force the first user to log off but I can access the compter and if needed restart it safely allowng me to clear the user accounts.

This workes fine for me.

Any one have ideas why it does this?
0
 
Casey HermanCitrix EngineerCommented:
Has domain admins be added to local administrator's group?

Casey
0
 
charles_dilgerAuthor Commented:
Yes and under xp I can log users out fine. This only seams to apply to Vista where i can't log them out.
0
Improved Protection from Phishing Attacks

WatchGuard DNSWatch reduces malware infections by detecting and blocking malicious DNS requests, improving your ability to protect employees from phishing attacks. Learn more about our newest service included in Total Security Suite today!

 
Casey HermanCitrix EngineerCommented:
so it is showing on the vista machine that it is there. OK  
Then have you tried disabling vista's advanced security features... you know the allow or deny crap.  It may be asking the empty session if it wants to allow the Administrator to log in and log the other session off.

Casey
0
 
charles_dilgerAuthor Commented:
you mean the UAC? No I havent tried urning that off yet. Its not asking for permission or anything in fact it says user xyz or an administrator can log into the computer but then desnt give me a place to enter a different username. I'll try killng the uac and see f that helps.
0
 
grayeCommented:
So describe the screen that you see again....  is it the "3 box" version for name, password, domain?   Or is it the "2 box" version for CertID, and PIN

Switching bewteen the two screens generally just takes another Crtl-Alt-Del or  a plull/insertion of the Smart Card
0
 
charles_dilgerAuthor Commented:
It's the "3 box" version. It first says the computer is in use and required you press CRTL Alt Del then i get two of the vista style logon buttons like for user accounts. One with the name domain\user (for the loged in user) and another that says insert smart card.
0
 
grayeCommented:
So, when you attempt to "take over" the currently running users session, are you using a Name/Password pair or a ID/PIN pair?
0
 
charles_dilgerAuthor Commented:
Just a username and password. Either mine, a member of the administrators group or as the domain admin. We don't use smart cards for logins just other stuff once logged in.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.