Unable to Logon interactively using any account

  • Thread starter Thread starter postman65
  • Start date Start date
P

postman65

Hi,

I have a Windows XP Pro machine that will not let me logon with any
credentials supplied. When I attempt to use a domain account
(administrator or user) the machine tells me that the specified domain
does not exist. If I try to logon with the local administrator account
the machine tells me that I am not allowed to logon interactively.

Things I have tried:
Replacing the security via the recovery console
Booting into safe mode

I don't know what to try next. I don't want to rebuild the workstation
becuase there is data I need to recover.

Any help would be greatly appreciated!
 
Is your computer a member of an Active Directory domain? If so Domain
Security Policy can be configured so that the user right to logon locally
includes user and administrators and the deny logon locally user right is
defined but blank or maybe just includes the guest account. User rights are
under local policies/user rights. If your computer can not find the domain
and it is connected to a network that has a domain controller it probably
has the wrong preferred dens servers specified which only should be domain
controllers. If another domain computer is available then you could possibly
access the locked out computer remotely and use something like psexec from
SysInternals to view and change tcp/ip configuration. Netsh can be used from
the command line to change tcp/ip configuration.

If you are not connected to an AD domain you need to get connected to it or
you could try booting into another operating system such as a parallel
install, on another computer where the locked out operating system hard
drive is installed as a slave/secondary drive, or boot from something like
Bart's PE from your cdrom drive and first renaming the
windows\system32\config\security file to something else and then copying the
\windows\repair\security file to the windows\system32\config directory on
the locked out operating system and then rebooting. Unless you have data
encrypted with EFS you can always recover your data by one of the three
means I just listed and you can always reinstall the operating system to the
same directory without formatting the drive which will preserve your data
[again assuming not EFS encrypted] but you will need to reinstall all your
applications because the new install will not recognize them since they are
not in the registry. --- Steve
 
Back
Top