Steve:
It did not work.
I was able to access my "locked" PC's C Drive by using
the "\\computername\c$".
Important points I want feedback on:
1) My working PC originally ran on Win 98 and was upgraded
to Win 2000. It was not a clean install. I was an upgrade.
Also my 2nd PC runs on a PII 233. My locked PC is a 800mh
celeron.
2) What if I added a 3rd PC running on a clean install of
Win2000 to my network and added it to my workgroup. Then I
could copy it's "secedit.sdb" to it. Would that help?
3) When I copy/pasted the "secedit.sdb" to the locked PC,
I did not delete the now name changed "seceditold.sdb". I
pasted my 2nd PC's copied secedit.sdb next to it in the
database folder. So, in the end, the database folder on my
locked PC had the new/copied "secedit.sdb" file and the
name changed "seceditold.sdb" file still for the fix it
boot up. (Did that cause a problem?)
4) I noticed on JSI FAQ #3361 that it says to rename
the "secedit.sdb" file to "secedit.old_sdb". That is
different from your suggestion. You said to rename the
file "seceditold.sdb". Does that make a difference?
5) Looking at JSI FAQ #3361 that it says the cause
was "Local Security Policy has been set to deny logon
right to everyone." I do not recall "setting a deny" at
all. I did delete some "user groups" that I didn't think I
needed. My guess is that the problem is a missing group
not a deny to everyone. I recall setting a lot of the
security settings to allow for everyone. i do not recall
one time where I set security to deny everyone.
6) Over my many attempts to boot up the locked PC, I tried
Safe Mode. I watched the as the black screen scrolled
through all of the driver names. Eventually the scrolling
ends and the PC sits for quite a while. Could it be stuck
trying to load a bad driver? Can I try the "return to the
last good configuration" route?
Once I was able to move throughout my locked PC's file
structure using "\\computername\c$", I feel pretty
optimistic that this can now be fixed throught the network
somehow.
At very worst, I can at least copy everything off of the
PC to a 3rd PC and save it there or burn a CD.
Unfortunately, my existing 2nd PC has only a 4 gig
harddrive so it won't work. It is far too small. Plus it
only had about 225 meg left. It is far too small to
attempt a move.
I assume it would be possible to add a third (& larger HD)
PC to my 4 port router and move the files there. At least
I now access to my Outlook email contact files and
email .pst files with info I badly need.
Also, I had copied installation CD's directly to my locked
PC's HD for save keeping in case something happened to the
CD's themselves. At least now I can move these files to a
3rd PC.
-----Original Message-----
Thanks, Steve. You've been a life saver.
JWC062604
-----Original Message-----
The link I showed shows exactly how to do that. Here are
the basic steps.
Substitute your actual computer name for the locked out
computer where I
show "computername". If you don't know the computers
actual name, you should
see it in My Network Places on the good computer.
Hopefully your working
computer is a Windows 2000 Pro computer or this will not
work and stop after
verifiyng or not that you can access the C$ folder on
the
locked out
computer as described in the second sentence below. If
you can at least
access the c$ folder there may be another option but I
need to know the
operating system of your good computer. If you can not
access the c$ drive
you will need to try to take it to someone who can slave
the drive in
another computer running Windows 2000 or XP to try and
repair it or
reinstall the operating system which can be done without
destroying your
data but will require that you reinstall all of your
applications, service
pack, and critical updates. Note that if you have any
EFS
encrypted files,
that a reinstall that is not an "upgrade" install will
prevent you from ever
accessing them again unless you backed up your EFS
privaye keys.
http://www.jsiinc.com/SUBG/TIP3300/rh3361.htm
First logon to your other computer with a logon name and
password that
exists on the locked out computer that is an
administrator on that computer.
Create the account on your "good" computer if need be.
In the run box type \\computername\c$ and then enter. If
it brings up the
administrative share on the other computer which should
show the whole drive
you are in. I am assumming c drive is where your
operating system is at and
if it is not use the correct drive letter.
Go to the \winnt\security\database folder. First open
the
winnt folder and
then the others in the order shown. Folders are in
alphabetical order within
a folder.This is called the "path". You should see a
file
called secedit.sdb
in the window to the right. Right click that file and
select rename. Rename
it seceditold.sdm and hit enter.
Minimize the Explorer Window by selecting the minimize
icon in the top right
hand corner. Now on your "good" computer go to the same
folder path and find
the copy of secedit.sdb on it. Right click that file and
select copy. Now
maximize the Explorer Window on your locked out computer
and put your
pointer in the window to the right where you now have a
file called
seceditold.sdb. Right click your mouse and select paste
and you should now
see a copy of secedit.sdb from the other computer that
you just copied.
Close your Explorer Windows and reboot the locked out
computer to see if it
helps and let me know. --- Steve
in message
Steve:
I actually do have another PC on my (2 PC) network.
This
is how I am communicating now. My purpose for the
network
was so both PC's could share the cable modem to the
net.
That's the only reason that I have the network.
Are there other instructions possible with a PC on the
network? Or how might a professional repair this
problem?
I would take the machine to a firm that only dealt with
larger, corporate clients.
Please respond.
JWC062604
-----Original Message-----
See the tips in the link below. If you do not have a
another computer on the network
you are going to need to try and replace the
secedit.sdb
file on your computer some
other way such as by putting your hard drive in
another
computer as a slave/secondary
drive or doing a parallel install of the operating
system
[best done into another
partition] in order to do the repair being very
careful
NOT to install over your
existing installation and do NOT format your drive,
which
you can delete when you are
done. Specifically what happened is either you
removed
groups from the logon
locally user right or added a group to the deny logon
locally user right [more
likely]. --- Steve
http://www.jsiinc.com/SUBG/TIP3300/rh3361.htm
http://support.microsoft.com/default.aspx? scid=kb;en-
us;266465
"JWC062604" <
[email protected]>
wrote
in message
I use my PC locally only so last night I was trying
to
bypass the Windows logon screen. I thought I had
made
the
proper adjustments within "Local Security Policy"
and "Users & Passwords" to allow for a straight
boot
up
without the popup Windows logon box.
This morning, when I booted up my PC, the Windows
logon
box still comes up so i went ahead and hit "OK"
like
i
had
always dine previously using Administrator as my ID.
Then
I got a popup message stating "The local policy of
this
system does not permit you to logon interactively."
I hit OK and the above message keeps coming up. How
can
I
go back and reset the logon settings the way they
were?
TY JWC062404
.
.
.
