XP Login

[Jake]

Hi,
One night this week I logged on to xp home edition with my
password. then next morning I couldn't logon anymore. I
get the message "The Local Policy of This System Does Not
Permit You to Logon Interactively". When this happened a
new logon icon appeared called asp.net. I am not sure how
or why this new account appeared. But it is there now.
So, I downloaded a offline password recovery program. It
says it worked. I changed my logon, the adminastrator,
and the asp.net logon all to blank. When I restart it
went through the check disk screens and continued to the
login screen. And when I try to login I still get
the "The Local Policy ... Logon Interactively" error. No
matter which account i try with. I went back to change
the passwords again and the program says my passwords are
blank. So it seems to work. Why am I getting that "The
Local Policy ... Logon Interactively". Any ideas how to
fix it? Any help would be greatly appreciated.

 

[Doug Knox MS-MVP]

Your password isn't the issue, its a registry restriction that prevents your user (or user group) from logging into the machine from the local console. Is the machine on a network? Do you know someone that has a network that you might be able to hook it up to?

If you have access to the affected computer via a LAN connection, from a Windows XP or Windows 2000 machine:

On the other machine, click Start, Run and enter REGEDIT (REGEDT32 on Windows 2000, and note REGEDT32 works differently than Regedit) Once there, go to File, Connect Network Registry. Type in the machine name of the affected computer. You'll see another computer icon listed at the bottom of the tree, with that machine name. Expand it and go to HKEY LOCAL MACHINE\Security. Right click on the Security subkey and select permissions. Give Administrators "Full Control". Press the F5 key to refresh the view in REGEDIT. Now you should be able to see the subkeys under Security. In the Security subkey, go down to Policy\Accounts. Look for the account that matches yours. This is by the SID. The SID is the number that looks similar to this:

HKEY LOCAL MACHINE\SECURITY\Policy\Accounts\S-1-5-21-1606980848-1604221776-725345543-1014

Your account will be one of the longer SID strings. The shorter ones are not user accounts.

There is no way to tell from the contents of the keys, which SID belongs to who. You can download a small VBS script from:

http://www.dougknox.com/xp/scripts/xp_accountsid.vbs

This script will allow you to enter the machine name of the problem machine and extract a list of SID's/User information and display it in Notepad. Do not use the \\name convention, just enter the machine name.

Once you've determined the correct SID for your user account, right click the appropriate subkey and select Export. This creates a backup, just in case. Then right click the same key and select Delete.

Next, right click the computer icon for the remote computer and select Disconnect, to disconnect the remote Registry. You should now be able to log on locally to the affected machine. You may need to reboot the machine for the change to take effect.

If not, then reconnect to the remote computer's registry and re-import the REG file you exported earlier. And if this doesn't work, your only option may be a paralell installation of XP and then recover your data from the problem system.