Group Policy applied to administrator


alevaz

I was working with a group policy I have applied to a Windows 2000
domain, and accidentally applied it to the administrator. This is the
only administrator I have, and it has no rights at all now.
The GPO restricted:
regedit
all mmc snap ins
task manager
command line
Start - > Run
etc

The only thing I can do is browse through the disk, but I cannot find a
way to unlock my account.

Thanks,
alevaz
 
Although I've been in this situation myself before, I wasn't able to
resolve it... I need you to try something for me as I think it will
work.

First off, go to www.sysinternals.com and download a copy of psexec.exe
and stick it into your %systemroot%\system32 folder.

Next, make sure that you have an updated version of WSH installed and
run this script

BEGIN SCRIPT AFTER DASHES
------------------------------------------------------------------------------------------------------------------
'Found somewhere on the internet, modified by Dani to display serial
'number in an InputBox (for copy and paste) 03-08-05
Const REG_SZ=1
Const REG_EXPAND_SZ=2
Const REG_BINARY=3
Const REG_DWORD=4
Const REG_MULTI_SZ=7

Const KEY_QUERY_VALUE=&H1
Const KEY_SET_VALUE=&H2
Const KEY_CREATE_SUB_KEY=&H4
Const KEY_ENUMERATE_SUB_KEYS=&H8
Const KEY_NOTIFY=&H10
Const KEY_CREATE_LINK=&H20
Const DELETE=&H10000
Const READ_CONTROL=&H20000
Const WRITE_DAC=&H40000
Const WRITE_OWNER=&H80000

Dim ComputerName, remcmd, wmi, PingResults, PingResult, p, wshshell, errReturn

ComputerName = InputBox("Please indicate the computer name you wish to send the command to")
remcmd = InputBox("Please type in the command you would like to issue to this computer")

If Not ComputerName = "" Then

    'Ping portion. Verify the computer is online before trying to
    'connect to it. If WMI tries to connect to a computer that isn't
    'online it will error out.
    Set wmi = GetObject("winmgmts:{impersonationLevel=impersonate}//./root/cimv2")
    Set PingResults = wmi.ExecQuery("SELECT * FROM Win32_PingStatus " & _
        "WHERE Address = '" & ComputerName & "'")

    'StatusCode 0 means the ping succeeded
    p = 0
    For Each PingResult In PingResults
        If PingResult.StatusCode = 0 Then
            p = 1
        Else
            p = 0
        End If
    Next

    'If the computer is pingable then...
    If p = 1 Then
        Set wshshell = CreateObject("wscript.shell")
        'Wait for psexec to return so errReturn holds its exit code
        errReturn = wshshell.Run("psexec \\" & ComputerName & " -s -i -d " & remcmd, 1, True)

        MsgBox ("Completed sending command to " & ComputerName & ". Error Code : " & errReturn)
    Else
        'If you cannot connect to the computer, say that
        MsgBox ("Could not connect to " & ComputerName & ". Please verify computer is online and setup properly")
    End If

Else

    MsgBox ("Computer Name is blank, please indicate a computer name and try again")

End If
------------------------------------------------------------------------------------------------------------------
END OF SCRIPT BEFORE DASHES

Run the script on your admin computer, the script will prompt you for
the computer name to connect to, type in your computer name, and then
it will ask you for the command, and you can try mmc, or cmd. I would
recommend trying cmd.

Let me know how it works, the script is designed to run the program
specified on the designated computer through the "SYSTEM" account ;).
Also, if this fails, you can try to have the script run a cmd on the
domain controller and see how far you can get!

I am very interested to see if I had created a workaround for this
issue... Also, make sure you deny DOMAIN ADMINS from your lockdown
policy once you can get into your admin console!
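
The closing advice in the reply above (deny Domain Admins on the lockdown policy) can be checked before a GPO is linked. The following is an added example, not part of the original thread: a simplified Python model of GPO security filtering, with constructed account, group and ACL data, that reports which administrator accounts a policy would still apply to.

```python
# Added example: simplified model of GPO security filtering.
# All account names, groups and ACLs below are constructed sample data.
from dataclasses import dataclass

READ, APPLY = "Read", "Apply Group Policy"

@dataclass(frozen=True)
class Ace:
    trustee: str   # group or account the entry names
    right: str     # READ or APPLY
    allow: bool    # False means an explicit Deny entry

def gpo_applies(acl, principals):
    """True if a user whose token holds `principals` processes the GPO.

    The user needs both Read and Apply Group Policy allowed, and an
    explicit Deny on either right for any of their groups overrides
    every Allow.
    """
    mine = [a for a in acl if a.trustee in principals]
    for right in (READ, APPLY):
        if any(a.right == right and not a.allow for a in mine):
            return False
        if not any(a.right == right and a.allow for a in mine):
            return False
    return True

def locked_out_admins(acl, admins):
    """Names of admin accounts the restrictive GPO would apply to."""
    return sorted(name for name, groups in admins.items()
                  if gpo_applies(acl, groups | {name}))

# Constructed sample: one admin account and its group memberships.
ADMINS = {"Administrator": {"Authenticated Users", "Domain Users",
                            "Domain Admins"}}
ORDINARY_USER = {"Authenticated Users", "Domain Users"}

# Lockdown GPO filtered only by Authenticated Users (Read + Apply).
OPEN_ACL = [Ace("Authenticated Users", READ, True),
            Ace("Authenticated Users", APPLY, True)]
# Same GPO with Apply Group Policy denied for Domain Admins.
FIXED_ACL = OPEN_ACL + [Ace("Domain Admins", APPLY, False)]

if __name__ == "__main__":
    print("before:", locked_out_admins(OPEN_ACL, ADMINS))
    print("after: ", locked_out_admins(FIXED_ACL, ADMINS))
```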
 