Solved

Interactive Logon

Posted on 2011-09-26
16
1,432 Views
Last Modified: 2012-06-21
Now I have done it ... I know what I have done, I just cannot seem to get it undone.  I went into the Group Policy Settings on the Server and turned on the "Display information about previous logons during user logon"  Now when I restart ANY computer INCLUDING the server I get "Security policiews on this computer are set to display information about the last interactive logon.  Windows Could not retrieve this information"  and sends me back to the logon screen.  I have tried restarting the server in safe mode ... it lets me in but will not let me play with the group policies.

Any ideas what to try next?
0
Comment
Question by:runright
  • 8
  • 7
16 Comments
 
LVL 58

Expert Comment

by:Cliff Galiher
ID: 36599669
Download the RSAT tool set. They include the group policy management console, but since you aren't logging into a session, the error shouldn't manifest and you can edit the group policy remotely.

-Cliff
0
 

Author Comment

by:runright
ID: 36599758
Awesome idea ... downloading now and will advise when done..
0
 

Author Comment

by:runright
ID: 36600156
Okay ... I have
1)  Verified this is the one and only install of the Administration Tools Pack
2)  Downloaded and installed the RSAT Tools
3)  Gone into the control panel, programs and features, turn windows features on and off.  I have enabled the remote server and ticked off the "Remote Server Administration Tools" and have ticked off in the Feature Administration Tools the "Group Policy Management Tools"
4)  After doing this a nice icon appears in the Start Menu for "Server Manager"
5)  The first thing it wants is to know the name of the server to connect to, I clicked the Browse button and typed in the server name, checked the name  
6)  When I try this it tries for a moment then Server Manager cannot connect to the server
7)  The help on the mssage says make certain the WinRM service is running.  It is ...
8)  The server SBS 2008 does have all updates installed.

Still stuck ... next?

Tony
0
Salesforce Has Never Been Easier

Improve and reinforce salesforce training & adoption using WalkMe's digital adoption platform. Start saving on costly employee training by creating fast intuitive Walk-Thrus for Salesforce. Claim your Free Account Now

 
LVL 11

Expert Comment

by:Ackles
ID: 36600449
0
 

Author Comment

by:runright
ID: 36600987
Ackles, it sounds like I need to enable remote server management on the server before I can connect from a workstation.  I guess the problem I am having is that I cannot log onto the server to enable the remote connection.

0
 
LVL 11

Expert Comment

by:Ackles
ID: 36601208
Are you saying that you can't logon to the server as Admin?
0
 

Author Comment

by:runright
ID: 36601482
Yes that is correct, even at the server level, when I try to log on it responds with "Security policies on this computer are set to display information about the last interactive logon.  Windows Could not retrieve this information".  I have discovered that with the workstations, if you unplug them you can log on, then plug them back in and get working ... I have also placed a call to Microsoft, paid the big bucks and will see what happens...
0
 
LVL 11

Expert Comment

by:Ackles
ID: 36601501
Hold with MS Case we can try something
0
 
LVL 11

Expert Comment

by:Ackles
ID: 36601530
If you have any Vista or Windows 7 client do the following:


1. Log on to Vista workstation using a local acconut. (This is not required if you can reach one of your Domain Controllers directly).

2. Log on to any of your domain controllers using Termianl Services (Remote Desktop).

3. Edit the policy (disable setting), disable the entire GPO or just delete its link.

4. Log off the domain controller.

5. Do 'gpupdate /force' at your Vista workstation.

6. Log off Vista.

7. Log on using regular domain account should now succeed.

Let me know how it goes....
A
0
 
LVL 11

Expert Comment

by:Ackles
ID: 36601545
Or if you want to do it on DC itself, then

reboot the DC into Safe Mode with Networking (in this mode, GPOs are not applied to the DC)

logon with Domain Admin account

use the GPMC to disable that feature

Try any of these.

A
0
 

Author Comment

by:runright
ID: 36601634
Unfortunantly when I rebooted the server is safe mode, it would not let me into any Group Policy items ...

This is how Microsoft solved it.

1)  Gain access to the server from another workstation
2)  Replace \\server\c$\Windows\sysvol\sysvol\domain.local\Policies\{31B2F340-016D-11D2-945F-00C04FB984F9}\MACHINE\Registry.pol with another one from another machine

That seems to be about it.  I may be able to give more details later
0
 
LVL 11

Expert Comment

by:Ackles
ID: 36601642
Did you try safe mode with "Networking" ?
0
 

Accepted Solution

by:
runright earned 0 total points
ID: 36712136
Did not try safe mode with Networking, did try Directory Services Restore Mode.  The information sent to me from Microsoft did not give any additional clues as to what they did, but IT IS FIXED!
0
 

Author Closing Comment

by:runright
ID: 36898959
Microsoft may charge a bit ... but so far they have been able to fix all the problems I have given them ...
0
 
LVL 11

Expert Comment

by:Ackles
ID: 36712148
Glad to hear that, however what I suggested Safe Mode with Networking is one of the resolution provided by MS.

Anyways, the point was to resolve the issue & I am happy it's done :)

A
0
 
LVL 11

Expert Comment

by:Ackles
ID: 36712168
I agree that the problem was resolved by MS, but he has clearly stated that he didn't try what was suggested, however in the previous comment he said that he tried, which is contradictory.

Just my thoughts.

A
0

Featured Post

Resolve Critical IT Incidents Fast

If your data, services or processes become compromised, your organization can suffer damage in just minutes and how fast you communicate during a major IT incident is everything. Learn how to immediately identify incidents & best practices to resolve them quickly and effectively.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Background Information Recently I have fixed file server permission issues for one of my client. The client has 1800 users and one Windows Server 2008 R2 domain joined file server with 12 TB of data, 250+ shared folders and the folder structure i…
Sometimes drives fill up and we don't know why.  If you don't understand the best way to use the tools available, you may end up being stumped as to why your drive says it's not full when you have no space left!  Here's how you can find out...
This tutorial will walk an individual through the steps necessary to enable the VMware\Hyper-V licensed feature of Backup Exec 2012. In addition, how to add a VMware server and configure a backup job. The first step is to acquire the necessary licen…
This tutorial will show how to configure a single USB drive with a separate folder for each day of the week. This will allow each of the backups to be kept separate preventing the previous day’s backup from being overwritten. The USB drive must be s…

696 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question