Solved

Policies - Multiple End-Users locked up after inital login to PC. Unable to get to desktop

Posted on 2008-06-26
11
253 Views
Last Modified: 2010-03-17
This morning end-users reported they were not able to get to their desktops right after their first log in. It only affects those end-users that shut down their computers last night. So, when they logged in this morning all they got was a login prompt> then a blue screen> nothing else. This did not affect folks that locked their computers. This is affecting 3 different cities and all of our servers and network equipment looks ok. We are working with Policy Maker Software, but we do not know if that is the cause. How do we find out. We have no error messages on the DCs or PCs.
0
Comment
Question by:HSBSupport
  • 5
  • 4
11 Comments
 
LVL 1

Author Comment

by:HSBSupport
Comment Utility
Also, we have rebooted the Domain Controller and Policy Maker server so far.
0
 
LVL 4

Expert Comment

by:Wiired
Comment Utility
Ok, first question: XP or Vista?

Was there a new MS patch that day that required a reboot to become effective? This may explain why its only the PC's that have rebooted have been effected. You could look at a PC that was NOT rebooted and verify.

Can you boot them into safe mode? If so, you can check to see if a new patch was applied on that day. If so, try removing it if possible.

Also, if you can get in in safe mode, run msconfig and disable all startup items to make sure that the issue doesn't lie with a starting program.

If you cant boot into safemode, try an alternate PE boot Cd, like BartPE: http://www.nu2.nu/pebuilder/
or Microsoft's Takeover of ERD Commander from Winternals, which is now free: http://www.microsoft.com/downloads/details.aspx?FamilyID=5d600369-0554-4595-8ab4-c34b2860e087&DisplayLang=en
This can help you get into the OS and see if there is something funky in the startup as well. ERD Commander will also let you use system restore to go back in time if necessary. **Please Note** This does not work with Vista

These steps will help you narrow it down a bit....keep us posted with your findings
0
 
LVL 1

Author Comment

by:HSBSupport
Comment Utility
Well, All of the Windows XP clients are affected that had rebooted. We have determined that if you disconnect the network cable as the end-user is logging (XP has cached credentials) they will get to the desktop all the way. Once they are up then we plug the cable back in and things are ok. Until you reboot again. This is a policy issue it seems. Yes. there was a change in policy and I am currently comparing the GPresult reports for both the computer that was shutdown and the one that was not. That is what I have so far.
0
 
LVL 4

Expert Comment

by:Wiired
Comment Utility
Ok, I have had this happen before. You can use the cached credentials with the cable unplugged and then plug it in and everything's fine. This can be caused by corruption in the computer accounts in AD. Normally, this can be resolved quickly by resetting the computer accounts in AD for the effected machines. You can do this in Active Directory Users and computers: right click the computer name and choose reset account. Reboot the PC and see if it works.

This has been the fix for at least 10 clients of mine with the same issue, perhaps it may work for you.
0
Threat Intelligence Starter Resources

Integrating threat intelligence can be challenging, and not all companies are ready. These resources can help you build awareness and prepare for defense.

 
LVL 4

Expert Comment

by:Wiired
Comment Utility
For what its worth, this did not work one time for me, and I had to remove and rejoin the PC's to the domain to get them back properly
0
 
LVL 1

Author Comment

by:HSBSupport
Comment Utility
I will give it a try. Trying right now.
0
 
LVL 1

Accepted Solution

by:
HSBSupport earned 0 total points
Comment Utility
We have determined the issue to not be related to AD. Microsoft had us create a new OU and new user account in the root. When loggin in there was no login issue with that new user.  Immediately it pointed to another cause. We were forced to look at other items. We found one that it was our Userlock Software that we use for limiting the number of login attempts to one platform at a  time. Here is the link http://www.isdecisions.com/en/software/userlock/ - Apparantley userlock got unhappy with an account and would not process any other attempts througout the firm. It has a client on every computer except servers. Once the service was stopped everyone started working. So, there you have it.
0
 
LVL 1

Author Comment

by:HSBSupport
Comment Utility
No comments
0
 
LVL 4

Expert Comment

by:Wiired
Comment Utility
Glad you got it solved!
0

Featured Post

Highfive + Dolby Voice = No More Audio Complaints!

Poor audio quality is one of the top reasons people don’t use video conferencing. Get the crispest, clearest audio powered by Dolby Voice in every meeting. Highfive and Dolby Voice deliver the best video conferencing and audio experience for every meeting and every room.

Join & Write a Comment

Many admins will agree: WSUS is is a nice invention but using it on the client side when updating a newly installed computer is still time consuming as you have to do several reboots and furthermore, the procedure of installing updates, rebooting an…
The password reset disk is often mentioned as the best solution to deal with the lost Windows password problem. In Windows 2008, 7, Vista and XP, a password reset disk can be easily created. But besides Windows 7/Vista/XP, Windows Server 2008 and ot…
In this video, we discuss why the need for additional vertical screen space has become more important in recent years, namely, due to the transition in the marketplace of 4x3 computer screens to 16x9 and 16x10 screens (so-called widescreen format). …
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now