Interactive Logon

Now I have done it ... I know what I have done, I just cannot seem to get it undone.  I went into the Group Policy Settings on the Server and turned on the "Display information about previous logons during user logon"  Now when I restart ANY computer INCLUDING the server I get "Security policiews on this computer are set to display information about the last interactive logon.  Windows Could not retrieve this information"  and sends me back to the logon screen.  I have tried restarting the server in safe mode ... it lets me in but will not let me play with the group policies.

Any ideas what to try next?
runrightAsked:
Who is Participating?
 
runrightConnect With a Mentor Author Commented:
Did not try safe mode with Networking, did try Directory Services Restore Mode.  The information sent to me from Microsoft did not give any additional clues as to what they did, but IT IS FIXED!
0
 
Cliff GaliherCommented:
Download the RSAT tool set. They include the group policy management console, but since you aren't logging into a session, the error shouldn't manifest and you can edit the group policy remotely.

-Cliff
0
 
runrightAuthor Commented:
Awesome idea ... downloading now and will advise when done..
0
Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

 
runrightAuthor Commented:
Okay ... I have
1)  Verified this is the one and only install of the Administration Tools Pack
2)  Downloaded and installed the RSAT Tools
3)  Gone into the control panel, programs and features, turn windows features on and off.  I have enabled the remote server and ticked off the "Remote Server Administration Tools" and have ticked off in the Feature Administration Tools the "Group Policy Management Tools"
4)  After doing this a nice icon appears in the Start Menu for "Server Manager"
5)  The first thing it wants is to know the name of the server to connect to, I clicked the Browse button and typed in the server name, checked the name  
6)  When I try this it tries for a moment then Server Manager cannot connect to the server
7)  The help on the mssage says make certain the WinRM service is running.  It is ...
8)  The server SBS 2008 does have all updates installed.

Still stuck ... next?

Tony
0
 
AcklesCommented:
0
 
runrightAuthor Commented:
Ackles, it sounds like I need to enable remote server management on the server before I can connect from a workstation.  I guess the problem I am having is that I cannot log onto the server to enable the remote connection.

0
 
AcklesCommented:
Are you saying that you can't logon to the server as Admin?
0
 
runrightAuthor Commented:
Yes that is correct, even at the server level, when I try to log on it responds with "Security policies on this computer are set to display information about the last interactive logon.  Windows Could not retrieve this information".  I have discovered that with the workstations, if you unplug them you can log on, then plug them back in and get working ... I have also placed a call to Microsoft, paid the big bucks and will see what happens...
0
 
AcklesCommented:
Hold with MS Case we can try something
0
 
AcklesCommented:
If you have any Vista or Windows 7 client do the following:


1. Log on to Vista workstation using a local acconut. (This is not required if you can reach one of your Domain Controllers directly).

2. Log on to any of your domain controllers using Termianl Services (Remote Desktop).

3. Edit the policy (disable setting), disable the entire GPO or just delete its link.

4. Log off the domain controller.

5. Do 'gpupdate /force' at your Vista workstation.

6. Log off Vista.

7. Log on using regular domain account should now succeed.

Let me know how it goes....
A
0
 
AcklesCommented:
Or if you want to do it on DC itself, then

reboot the DC into Safe Mode with Networking (in this mode, GPOs are not applied to the DC)

logon with Domain Admin account

use the GPMC to disable that feature

Try any of these.

A
0
 
runrightAuthor Commented:
Unfortunantly when I rebooted the server is safe mode, it would not let me into any Group Policy items ...

This is how Microsoft solved it.

1)  Gain access to the server from another workstation
2)  Replace \\server\c$\Windows\sysvol\sysvol\domain.local\Policies\{31B2F340-016D-11D2-945F-00C04FB984F9}\MACHINE\Registry.pol with another one from another machine

That seems to be about it.  I may be able to give more details later
0
 
AcklesCommented:
Did you try safe mode with "Networking" ?
0
 
runrightAuthor Commented:
Microsoft may charge a bit ... but so far they have been able to fix all the problems I have given them ...
0
 
AcklesCommented:
Glad to hear that, however what I suggested Safe Mode with Networking is one of the resolution provided by MS.

Anyways, the point was to resolve the issue & I am happy it's done :)

A
0
 
AcklesCommented:
I agree that the problem was resolved by MS, but he has clearly stated that he didn't try what was suggested, however in the previous comment he said that he tried, which is contradictory.

Just my thoughts.

A
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.