Re: Administrator can't log in locally
- From: "Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP]" <sbradcpa@xxxxxxxxxxx>
- Date: Fri, 27 Jan 2006 18:02:06 -0800
No patch would cause this.
The addition of a group that limits rights caused this. I have seen this issue before and it's invariable a wrong group membership that denies a login. Step one would be to attempt to TS in from an attached workstation and reset the memberships.
I have been patching many a SBS box and have been remoting into machines for the same about of time.
I have also been answering newsgroup questions for many years and the following is true of many a poster and myself.
We forget that we've changed a setting.
We don't document what we do.
No security patch of Microsoft caused this change. I track every patch that comes down on my box, I try to understand what they do, I track the issues that occur. Keep in mind that patching is not the only change on your system, Antivirus introduces change as well. Read the security bulletins that come out every month and take the time to understand the code that is being applied to your system. None of them would change the way an administrator logs on the system. Changes in patches are documented in the KBs as are known issues [look in the caveat section].
The question is more from a "do you honestly think it's reasonable that Microsoft would break the ability for an administrator to walk up physically to a machine and log in?" Think of what patches are doing and why they do what they do. They are protecting you from remote threats.... an Admin logging on locally to that system .. that 'right' to use your own system is not something that a security patch would change.
Something happened, yes...but it was not caused by a security patch.
The comment is about patches in general .... take the time to understand what they do and you would not include them as a cause in this.
Log in via TS from an attached workstation..review the memberships. If that doesn't work do they have another "Administrator" account. If that is not able to be done, try booting to safe mode.
I'm assuming they meant from an offsite location. Try onsite first.
AMeador wrote:
I know your reply here was to 'chriss', but I though I'd add another comment here. I am pro Microsoft and not pro Linux, but if it could help so be it. Whether the patch schedule is dialy, weekly, monthly, quarterly, etc... 'rg' said that the system has been remotely admined for close to 2 years without a local login. So over a period of 2 years, at whatever interval, I'd say there have been a fair number of patches/updates/addons/etc... installed through the Windows Update Service. It still doesn't seem to be a completely unreasonable question to ask considering the time frame and the fact that they are not aware of making a change to restrict local login to administrator themselves. One of the reasons I put any of my 'two cents' into this thread was due to the fact that too many people in here respond to threads without a solution and appearantly without reading the whole post that started the thread. I myslef have had to re-post way too many times because someone throws in a solution that had nothing to do with what I asked because they appearantly have read the first couple of sentences of what I wrote and then replied. If I write 10 lines in a post, they are there to be read and considered. I don't see the point in the comment [and why does everyone assume this?] as relevant other than to berate for no reason, it doesn't solve the problem, and they weren't being rude about it in the first place - it is a reasonable question to ask. As I posted before, it doesn't appear that you paid attention to the point that they have been remote accessing this whole time - obviously if they could still remote access they wouldn't be bringing this problem up in the first place. They can't login locally for whatever reason and clearly, they can't remote into the machine, so what is the/a solution? Obviously whatever the solution, it has to be accomplished without login into Windows to do it - locally or remotely. I've done a little looking but haven't found a full solution, but I have found that there are in fact Linux boot disks with Registry editing utilities included. However, I don't know what registry entries would have to be tweaked, or if it can even be done through registry entries. This is a bit out of my knowledge range (as far as where this policy would be stored, what registry keys need to be edited if it is in the registry, etc...) Do you have any further information on a solution? Something outside of my suggestions, or if my suggestion is a good base, what needs to be tweaked? I'm sure this person is looking for a solution vs. berating and lack of focus on the description of the problem.
.
- Follow-Ups:
- Re: Administrator can't log in locally
- From: Andrew Meador - ASCPA, MCSE, MCP+I, Network+, A+
- Re: Administrator can't log in locally
- References:
- Administrator can't log in locally
- From: rg
- Re: Administrator can't log in locally
- From: Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP]
- Re: Administrator can't log in locally
- From: chriss
- Re: Administrator can't log in locally
- From: Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP]
- Re: Administrator can't log in locally
- From: AMeador
- Administrator can't log in locally
- Prev by Date: Re: hotbar spam
- Next by Date: Voip Learning and Translating Tutorial
- Previous by thread: Re: Administrator can't log in locally
- Next by thread: Re: Administrator can't log in locally
- Index(es):
Relevant Pages
|
