Solved

Policies - Multiple End-Users locked up after inital login to PC. Unable to get to desktop

Posted on 2008-06-26
11
255 Views
Last Modified: 2010-03-17
This morning end-users reported they were not able to get to their desktops right after their first log in. It only affects those end-users that shut down their computers last night. So, when they logged in this morning all they got was a login prompt> then a blue screen> nothing else. This did not affect folks that locked their computers. This is affecting 3 different cities and all of our servers and network equipment looks ok. We are working with Policy Maker Software, but we do not know if that is the cause. How do we find out. We have no error messages on the DCs or PCs.
0
Comment
Question by:HSBSupport
  • 5
  • 4
11 Comments
 
LVL 1

Author Comment

by:HSBSupport
ID: 21874913
Also, we have rebooted the Domain Controller and Policy Maker server so far.
0
 
LVL 4

Expert Comment

by:Wiired
ID: 21875640
Ok, first question: XP or Vista?

Was there a new MS patch that day that required a reboot to become effective? This may explain why its only the PC's that have rebooted have been effected. You could look at a PC that was NOT rebooted and verify.

Can you boot them into safe mode? If so, you can check to see if a new patch was applied on that day. If so, try removing it if possible.

Also, if you can get in in safe mode, run msconfig and disable all startup items to make sure that the issue doesn't lie with a starting program.

If you cant boot into safemode, try an alternate PE boot Cd, like BartPE: http://www.nu2.nu/pebuilder/
or Microsoft's Takeover of ERD Commander from Winternals, which is now free: http://www.microsoft.com/downloads/details.aspx?FamilyID=5d600369-0554-4595-8ab4-c34b2860e087&DisplayLang=en
This can help you get into the OS and see if there is something funky in the startup as well. ERD Commander will also let you use system restore to go back in time if necessary. **Please Note** This does not work with Vista

These steps will help you narrow it down a bit....keep us posted with your findings
0
 
LVL 1

Author Comment

by:HSBSupport
ID: 21875695
Well, All of the Windows XP clients are affected that had rebooted. We have determined that if you disconnect the network cable as the end-user is logging (XP has cached credentials) they will get to the desktop all the way. Once they are up then we plug the cable back in and things are ok. Until you reboot again. This is a policy issue it seems. Yes. there was a change in policy and I am currently comparing the GPresult reports for both the computer that was shutdown and the one that was not. That is what I have so far.
0
Does Powershell have you tied up in knots?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

 
LVL 4

Expert Comment

by:Wiired
ID: 21875821
Ok, I have had this happen before. You can use the cached credentials with the cable unplugged and then plug it in and everything's fine. This can be caused by corruption in the computer accounts in AD. Normally, this can be resolved quickly by resetting the computer accounts in AD for the effected machines. You can do this in Active Directory Users and computers: right click the computer name and choose reset account. Reboot the PC and see if it works.

This has been the fix for at least 10 clients of mine with the same issue, perhaps it may work for you.
0
 
LVL 4

Expert Comment

by:Wiired
ID: 21875833
For what its worth, this did not work one time for me, and I had to remove and rejoin the PC's to the domain to get them back properly
0
 
LVL 1

Author Comment

by:HSBSupport
ID: 21876037
I will give it a try. Trying right now.
0
 
LVL 1

Accepted Solution

by:
HSBSupport earned 0 total points
ID: 21876571
We have determined the issue to not be related to AD. Microsoft had us create a new OU and new user account in the root. When loggin in there was no login issue with that new user.  Immediately it pointed to another cause. We were forced to look at other items. We found one that it was our Userlock Software that we use for limiting the number of login attempts to one platform at a  time. Here is the link http://www.isdecisions.com/en/software/userlock/ - Apparantley userlock got unhappy with an account and would not process any other attempts througout the firm. It has a client on every computer except servers. Once the service was stopped everyone started working. So, there you have it.
0
 
LVL 1

Author Comment

by:HSBSupport
ID: 21876601
No comments
0
 
LVL 4

Expert Comment

by:Wiired
ID: 21876634
Glad you got it solved!
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Citrix XenApp, Internet Explorer 11 set to Enterprise Mode and using central hosted sites.xml file.
Synchronize a new Active Directory domain with an existing Office 365 tenant
Windows 8 came with a dramatically different user interface known as Metro. Notably missing from that interface was a Start button and Start Menu. Microsoft responded to negative user feedback of the Metro interface, bringing back the Start button a…
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question