?
Solved

GPO ball up my computer

Posted on 2009-04-09
7
Medium Priority
?
233 Views
Last Modified: 2012-05-06
I have a problem with my computer  - I can not copy or paste anything. The computer can not be access from any other computer on the network, but it can access the server and workstations.

My computer is on a network that runs AD and the Enterprise Domain have working on the GPOs  -  I noticed that we were not longer administrators on our computer.  After talking with them  the Enterprise Admin made some changes to the GPO and asked me to perform a gpupdate /force.  After running the command I could no longer access the network correctly- the Enterprise Admin could not see my computer on the network even though I had an IP address (which I could ping); I could ping the DHCP and DNS server) but he couldnt access my computer at all.  We tried to do a restore from a restore point, but the GPO policy prohibited this.  Im also getting error (error5: access denied) when I try to start RPC  which is not starting as it use to.   To further the problem after restarting my computer and trying to go to the Last Known good config that didnt work.

Thinking that I would just copy the files from my desktop which I can access, however; I can not copy them to another copy or server  -- nor can I access my computer from another machine on the network.  From my computer I can not copy or paste anything, but I can open access other machines on the network.  Also I can not access the Start bar at all  it is hidden at the bottom of the screen.    

This is a mess, at this point  how can I just get the documents off my desk (copy them) and the reformat the computer???
0
Comment
Question by:misterd
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
7 Comments
 
LVL 12

Expert Comment

by:piattnd
ID: 24108331
What's the error message you receive when others try to access your machine?  Are they getting access denied?
0
 
LVL 19

Accepted Solution

by:
PeteJThomas earned 750 total points
ID: 24108404
Can you boot into safe mode? If so does that help at all?

You could also either nab the HDD out, connect it to a USB HDD enclosure, and just drag stuff onto another PC or burn it off to CD/DVD from another PC...

Or you can try one of the many bootable environments (such as BartPE: http://nu2.nu/pebuilder/) to boot into an environment outside of your Windows installation to copy the files off to an external USB drive or something.

Just throwing in some possible ideas! :)

Pete
0
 
LVL 15

Expert Comment

by:zelron22
ID: 24108802
He probably can't access your machine because the firewall has been activated.  That would prevent PING and other remote access.

0
Use Case: Protecting a Hybrid Cloud Infrastructure

Microsoft Azure is rapidly becoming the norm in dynamic IT environments. This document describes the challenges that organizations face when protecting data in a hybrid cloud IT environment and presents a use case to demonstrate how Acronis Backup protects all data.

 
LVL 12

Expert Comment

by:piattnd
ID: 24110086
Just FYI to the poster, if the issue was a GPO related issue, your domain admin can move you into an OU that doesn't have ANY GPOs associated to it and the issue should clear.  Reboot your machine after he's moved your machine account out of that OU and it will remove all previously associated GPOs.

That's also a test your domain admin can use to identify WHICH GPO caused the issue.
0
 
LVL 19

Expert Comment

by:PeteJThomas
ID: 24110140
That may work, although I think a lot of GPO settings are persistent, and don't actually revert back to normal once the GPO is removed - You actually have to continue to use the GPO, but with whatever new settings you want. It's worth a shot though by all means!

Pete
0
 
LVL 12

Expert Comment

by:piattnd
ID: 24110205
I forgot to also specify, if it was a GPO assigned to your user OU or Computer OU, that's the account they need to move.  They should know what they did and I'm kinda surprised they haven't undone it if it truely is a GPO issue.

I agree with Pete though, it's possible removing the GPO may not revert all changes.  For example, if the GPO forced the firewall to be turned on, removing the GPO may not revert that change AND the firewall may prevent communication with the DC to apply the new GPO removing the firewall, therefore having to manually disable the firewall with local admin rights.  Good catch Pete.
0
 
LVL 19

Expert Comment

by:PeteJThomas
ID: 24110291
And I also agree that I think it's daft this happened in the first place and that they can't sort it. What do we always do before implementing ANYTHING in a live environment? Thoroughly test it, that's what!!! :)

Pete
0

Featured Post

Free learning courses: Active Directory Deep Dive

Get a firm grasp on your IT environment when you learn Active Directory best practices with Veeam! Watch all, or choose any amount, of this three-part webinar series to improve your skills. From the basics to virtualization and backup, we got you covered.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Let's recap what we learned from yesterday's Skyport Systems webinar.
A bad practice commonly found during an account life cycle is to set its password to an initial, insecure password. The Password Reset Tool was developed to make the password reset process easier and more secure.
This is used to tweak the memory usage for your computer, it is used for servers more so than workstations but just be careful editing registry settings as it may cause irreversible results. I hold no responsibility for anything you do to the regist…
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …

719 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question