Solved

Domain Admin can't login to a vista computer if locked by a user, why?

Posted on 2008-06-15
9
1,138 Views
Last Modified: 2013-12-04
In a Server 2003 Enviroment where all workstations have smart cards installed I've noticed I can't log into Vista computers if the user has the workstaion locked. In Win XP i see the "this workstaion in in use and has been locked..." message so i press Ctrl Alt Del and after entering my credentials it forces that user off and lets me log in. Vista however gives me the same message but i can't enter my credientials. It gives me a screen like the login one with boxes for the currently logged on user or smart card. No "other" box like the login screen does where I could enter admin credientials. How can I as admin get it so i can logonto a computer locked by a user without killing power and restarting?
0
Comment
Question by:charles_dilger
  • 5
  • 2
  • 2
9 Comments
 
LVL 10

Expert Comment

by:Casey Herman
ID: 21789350
Has domain admins be added to local administrator's group?

Casey
0
 

Author Comment

by:charles_dilger
ID: 21789391
Yes and under xp I can log users out fine. This only seams to apply to Vista where i can't log them out.
0
 
LVL 10

Expert Comment

by:Casey Herman
ID: 21789426
so it is showing on the vista machine that it is there. OK  
Then have you tried disabling vista's advanced security features... you know the allow or deny crap.  It may be asking the empty session if it wants to allow the Administrator to log in and log the other session off.

Casey
0
The Eight Noble Truths of Backup and Recovery

How can IT departments tackle the challenges of a Big Data world? This white paper provides a roadmap to success and helps companies ensure that all their data is safe and secure, no matter if it resides on-premise with physical or virtual machines or in the cloud.

 

Author Comment

by:charles_dilger
ID: 21790227
you mean the UAC? No I havent tried urning that off yet. Its not asking for permission or anything in fact it says user xyz or an administrator can log into the computer but then desnt give me a place to enter a different username. I'll try killng the uac and see f that helps.
0
 
LVL 41

Expert Comment

by:graye
ID: 21794639
So describe the screen that you see again....  is it the "3 box" version for name, password, domain?   Or is it the "2 box" version for CertID, and PIN

Switching bewteen the two screens generally just takes another Crtl-Alt-Del or  a plull/insertion of the Smart Card
0
 

Author Comment

by:charles_dilger
ID: 21796817
It's the "3 box" version. It first says the computer is in use and required you press CRTL Alt Del then i get two of the vista style logon buttons like for user accounts. One with the name domain\user (for the loged in user) and another that says insert smart card.
0
 
LVL 41

Expert Comment

by:graye
ID: 21797960
So, when you attempt to "take over" the currently running users session, are you using a Name/Password pair or a ID/PIN pair?
0
 

Author Comment

by:charles_dilger
ID: 21798590
Just a username and password. Either mine, a member of the administrators group or as the domain admin. We don't use smart cards for logins just other stuff once logged in.
0
 

Accepted Solution

by:
charles_dilger earned 0 total points
ID: 21826840
I just figured this out but I don't know why its like this. When you first press crtl alt del and get the options for the current user or the smart card you can hit esc a few times and it goes back to a press crtl alt del screen again but this time when you do that you get a new option "switch user" it let's me log in with any other user admin or not. It doesnt let me force the first user to log off but I can access the compter and if needed restart it safely allowng me to clear the user accounts.

This workes fine for me.

Any one have ideas why it does this?
0

Featured Post

Simplifying Server Workload Migrations

This use case outlines the migration challenges that organizations face and how the Acronis AnyData Engine supports physical-to-physical (P2P), physical-to-virtual (P2V), virtual to physical (V2P), and cross-virtual (V2V) migration scenarios to address these challenges.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Recently, a new law in my state forced us to get a top-to-bottom analysis of all of our contract client's networks. While we have documentation, it was spotty at best for some - and in any event it needed to be checked against reality. That was m…
No security measures warrant 100% as a "silver bullet". The truth is we also cannot assume anything but a defensive and vigilance posture. Adopt no trust by default and reveal in assumption. Only assume anonymity or invisibility in the reverse. Safe…
The Task Scheduler is a powerful tool that is built into Windows. It allows you to schedule tasks (actions) on a recurring basis, such as hourly, daily, weekly, monthly, at log on, at startup, on idle, etc. This video Micro Tutorial is a brief intro…
In a recent question (https://www.experts-exchange.com/questions/28997919/Pagination-in-Adobe-Acrobat.html) here at Experts Exchange, a member asked how to add page numbers to a PDF file using Adobe Acrobat XI Pro. This short video Micro Tutorial sh…

816 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

8 Experts available now in Live!

Get 1:1 Help Now