Solved

Policies - Multiple End-Users locked up after inital login to PC. Unable to get to desktop

Posted on 2008-06-26
11
259 Views
Last Modified: 2010-03-17
This morning end-users reported they were not able to get to their desktops right after their first log in. It only affects those end-users that shut down their computers last night. So, when they logged in this morning all they got was a login prompt> then a blue screen> nothing else. This did not affect folks that locked their computers. This is affecting 3 different cities and all of our servers and network equipment looks ok. We are working with Policy Maker Software, but we do not know if that is the cause. How do we find out. We have no error messages on the DCs or PCs.
0
Comment
Question by:HSBSupport
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 4
11 Comments
 
LVL 1

Author Comment

by:HSBSupport
ID: 21874913
Also, we have rebooted the Domain Controller and Policy Maker server so far.
0
 
LVL 4

Expert Comment

by:Wiired
ID: 21875640
Ok, first question: XP or Vista?

Was there a new MS patch that day that required a reboot to become effective? This may explain why its only the PC's that have rebooted have been effected. You could look at a PC that was NOT rebooted and verify.

Can you boot them into safe mode? If so, you can check to see if a new patch was applied on that day. If so, try removing it if possible.

Also, if you can get in in safe mode, run msconfig and disable all startup items to make sure that the issue doesn't lie with a starting program.

If you cant boot into safemode, try an alternate PE boot Cd, like BartPE: http://www.nu2.nu/pebuilder/
or Microsoft's Takeover of ERD Commander from Winternals, which is now free: http://www.microsoft.com/downloads/details.aspx?FamilyID=5d600369-0554-4595-8ab4-c34b2860e087&DisplayLang=en
This can help you get into the OS and see if there is something funky in the startup as well. ERD Commander will also let you use system restore to go back in time if necessary. **Please Note** This does not work with Vista

These steps will help you narrow it down a bit....keep us posted with your findings
0
 
LVL 1

Author Comment

by:HSBSupport
ID: 21875695
Well, All of the Windows XP clients are affected that had rebooted. We have determined that if you disconnect the network cable as the end-user is logging (XP has cached credentials) they will get to the desktop all the way. Once they are up then we plug the cable back in and things are ok. Until you reboot again. This is a policy issue it seems. Yes. there was a change in policy and I am currently comparing the GPresult reports for both the computer that was shutdown and the one that was not. That is what I have so far.
0
PeopleSoft Has Never Been Easier

PeopleSoft Adoption Made Smooth & Simple!

On-The-Job Training Is made Intuitive & Easy With WalkMe's On-Screen Guidance Tool.  Claim Your Free WalkMe Account Now

 
LVL 4

Expert Comment

by:Wiired
ID: 21875821
Ok, I have had this happen before. You can use the cached credentials with the cable unplugged and then plug it in and everything's fine. This can be caused by corruption in the computer accounts in AD. Normally, this can be resolved quickly by resetting the computer accounts in AD for the effected machines. You can do this in Active Directory Users and computers: right click the computer name and choose reset account. Reboot the PC and see if it works.

This has been the fix for at least 10 clients of mine with the same issue, perhaps it may work for you.
0
 
LVL 4

Expert Comment

by:Wiired
ID: 21875833
For what its worth, this did not work one time for me, and I had to remove and rejoin the PC's to the domain to get them back properly
0
 
LVL 1

Author Comment

by:HSBSupport
ID: 21876037
I will give it a try. Trying right now.
0
 
LVL 1

Accepted Solution

by:
HSBSupport earned 0 total points
ID: 21876571
We have determined the issue to not be related to AD. Microsoft had us create a new OU and new user account in the root. When loggin in there was no login issue with that new user.  Immediately it pointed to another cause. We were forced to look at other items. We found one that it was our Userlock Software that we use for limiting the number of login attempts to one platform at a  time. Here is the link http://www.isdecisions.com/en/software/userlock/ - Apparantley userlock got unhappy with an account and would not process any other attempts througout the firm. It has a client on every computer except servers. Once the service was stopped everyone started working. So, there you have it.
0
 
LVL 1

Author Comment

by:HSBSupport
ID: 21876601
No comments
0
 
LVL 4

Expert Comment

by:Wiired
ID: 21876634
Glad you got it solved!
0

Featured Post

Are your AD admin tools letting you down?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Compliance and data security require steps be taken to prevent unauthorized users from copying data.  Here's one method to prevent data theft via USB drives (and writable optical media).
Let's recap what we learned from yesterday's Skyport Systems webinar.
This video Micro Tutorial explains how to clone a hard drive using a commercial software product for Windows systems called Casper from Future Systems Solutions (FSS). Cloning makes an exact, complete copy of one hard disk drive (HDD) onto another d…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…

617 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question