Link to home
Create AccountLog in
Avatar of tampatechman

asked on

Locked out of SBS 2003 server

We are unable to log into an SBS 2003 Server.   At the Crtl-Alt-Del screen the message is :The security log on this system is full. Only the administrator can log on to fix the problem.

However, we normally use a secondary admin acct which is not allowing us in and we do not have the master administrator acct password.

We have tried the steps @ to reset the domain administrator password with no luck

Any help is appreciated!
Avatar of top_rung
Flag of United States of America image

see if you can connect via MMC to clear the system logs from a remote machine.  Worth a shot.  
Are you able to connect to the event logs from another computer using the "secondary" account you normally use. You could then either increase the log size or clear the logs.

Another option would be to use that account and change the GPO that enforces this setting by increasing the log size, or having it roll over if it is full. 
Avatar of tampatechman


top_rung - tried using mmc from a remote PC but it rejects the credentials

KenMcF - I can not use the secondary acct at all as it appears to reject the credentials
Is that account a domain admin? are there any other accounts setup as a domain admin or that have rights to the security logs?
From microsoft:
  This issue occurs because no more events can be logged to the Security log on the computer. When events cannot be written to the Security log, only accounts that are members of the Administrators group can log on to the computer.

 So the bottom line is you need an account that is a member of the administrator group to log in and move/delete
the log. Is this server part of a domain and do you have more than 1 DC. If yes then create a new admin user
account on the other DC and then login.
Log in in safe mode and follow these instructions
sfossupport and KCTS - I can only log in under directory services restore mode using the local administrator password.  Clearing the log from there didn't resolve issue and I cannot add/change domain accts from that mode either.  

KenMcF - I don't have the domain administrator password and only have the secondary admin pass that is not working presently

What is the method to create a new domain administrator acct when you cannot log into the domain?
Avatar of sfossupport
Flag of United States of America image

Link to home
Create an account to see this answer
Signing up is free. No credit card required.
Create Account
stop wasting time and deal with the big issue. the security logs. If they are filling up it suggest your server is under attach in some form.

Log into directory services restore more and change the settings for the Security log in event viewer (properties)
 selecting 'overwrite events as needed’ means the log will never get full and will never stop you logging on.
Once logged on check the logs and see what is causing so many security events and fix it urgently.