Below was a response you gave to another person on techrepublic for a logon problem. The administrator is not allowed to logon interactively. I have the same problem caused by removing the IIS lockdown tool. The strange thing being I can log onto the machine using a person with non admin rights with no problem. It is just the admin accounts that are locked out from logging in interactively. I was looking at the below response and wondering how this can be run if you don’t have an admin account to put this file in the startup. Where can I put this file to execute upon startup that uses admin rights? I can log in to this machine C$ as admin and get to any directory, I just need to know where exactly to put this command file. Thanks.
Dave
please reply to tech.systems@mncpa.org
===================================
open notepad, and add the following
secedit /configure /cfg %windir% \repair\secsetup.inf /db secsetup.sdb
(all one line)
save the file as security.cmd – the file icon should change to a batch file icon (sorry if some of this is a bit obvious but I don’t know how much of this you’ve seen before). Now add that batch file as a start up script on your problem server, and reboot it. What should happen is that secedit will reset all of the system security to the defaults, and allow you access. bear in mind that when you rejoin your machine to the domain, the domain policies will be applied and your machine will be locked down once again. I’d try this on a test box to make sure you are happy with it! Hope this helps…
Hope this helps…
