Active Directory Users Cannot Access Servers

Status
Not open for further replies.

Schmakt

IS-IT--Management
Jun 15, 2007
3
US
Servers: 2x AD servers running W2k3 Enterprise SP2
Crimson -> 1 NIC, PDC, Terminal Server
Clover -> 2 NIC (one internal, one external), Remote Access, DFS, File Server
Workstations: mix of W2k Pro, XP Pro, and Vista Business

No AD users (including Administrator) are able to access any shares on the servers this morning.
Vista Error message when accessing \\Crimson or \\Clover:
\\[ServerName] is not accessible. You might not have permission to use this network resource. Contact the administrator of this server to find out if you have access permissions

Logon failure: the user has not been granted the requested logon type at this computer.

When I looked at Clover, there was a dialer program on the machine, which I uninstalled.
I then ran AVG Pro 7, and it returned no threats.
When I rebooted Clover and tried to log back in, I was given the error:
Not enough storage is available to process this command

I was able to boot into safe mode - removing the AVG Services from startup using msconfig allowed me to boot the machine and log in regularly.
After getting back in, I uninstalled AVG (and AVG Firewall)
Crimson rebooted with no issues.

Now both servers are bootable and running ok, but I still get the access denied errors when trying to access either server from anywhere else on the network.
When I attempt to edit Local Computer Policy -> Windows Settings -> Security Settings -> Local Policies -> User Rights Assignments -> Access this computer from the network, I see the following users:
Enterprise Domain Controllers
IUSR_CLOVER
IUSR_CRIMSON
IWAM_CLOVER
IWAM_CRIMSON

And the "Add User or Group" and "Remove" buttons are greyed out, so I cannot add anything to the policy. (I am currently logged on as the Administrator)

I then attempted to recreate the Default Domain Group Policies using dcgpofix, and this gave me the following error:
Unable to read EFS certificates from Registry.pol file of Default Domain Policy. The error was Logon failure: the user has not been granted the requested logon type at this computer.

While I was attempting to solve this problem on Crimson, I tried installing some hotfixes from Microsoft on Clover. While doing that, the installation failed for:
SQL Service Pack 2
Intel - Networking - Intel(R) PRO/1000 GT Desktop Adapter
SQL Server 2005 Service Pack 1

As best I can tell, the root of all of my problems is that the GPO access levels were reset either by some sort of hack... and right now, I'm completely stuck.

Is there some way to force the rights to be reset to default while the Admin account has no access?

Any thoughts at all are very very very appreciated. Thanks...
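
Added example, not part of any post in this thread: a Python check of the user right the poster inspected ("Access this computer from the network", `SeNetworkLogonRight`) in a `secedit /export /cfg` dump, which also lists any `SeDenyNetworkLogonRight` entries. The `REQUIRED` baseline and the sample export are assumptions constructed for illustration.

```python
# Added example: audit network-logon rights in a `secedit /export /cfg` dump.
# REQUIRED is an assumed baseline, not taken from the thread; adjust per policy.
REQUIRED = {
    "*S-1-5-32-544": "Administrators",
    "*S-1-5-11": "Authenticated Users",
}

# Constructed sample mirroring the list quoted in the post (not a real export).
SAMPLE = """\
[Unicode]
Unicode=yes
[Privilege Rights]
SeNetworkLogonRight = *S-1-5-9,IUSR_CLOVER,IUSR_CRIMSON,IWAM_CLOVER,IWAM_CRIMSON
SeDenyNetworkLogonRight = SUPPORT_388945a0
[Version]
signature="$CHICAGO$"
"""

def parse_privilege_rights(text):
    """Return {right: [principals]} from the [Privilege Rights] section."""
    rights, in_section = {}, False
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith("["):
            in_section = line.lower() == "[privilege rights]"
        elif in_section and "=" in line:
            name, _, value = line.partition("=")
            rights[name.strip()] = [p.strip() for p in value.split(",") if p.strip()]
    return rights

def audit_network_logon(text, required=REQUIRED):
    """List required principals missing from the allow right, plus all denies."""
    rights = parse_privilege_rights(text)
    allowed = {p.lower() for p in rights.get("SeNetworkLogonRight", [])}
    missing = sorted(label for sid, label in required.items()
                     if sid.lower() not in allowed and label.lower() not in allowed)
    return {"missing": missing, "denied": rights.get("SeDenyNetworkLogonRight", [])}

if __name__ == "__main__":
    # Real exports are UTF-16; read them with open(path, encoding="utf-16").
    print(audit_network_logon(SAMPLE))
```

A deny entry overrides an allow entry for the same account, so both lists need review.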
 
Restore your system state from backup?

I hope you find this post helpful.

Regards,

Mark

Check out my scripting solutions at
Work SMARTER not HARDER. The Spider's Parlor's Admin Script Pack is a collection of Administrative scripts designed to make IT Administration easier! Save time, get more work done, get the Admin Script Pack.
 
That's what I was afraid of... This system configuration is new as of Monday, and it was all working yesterday... and I scheduled the first backup to run early this morning.

So my backup's the same as my frontup.

Looks like I might end up in format/reinstall mode... which is always fun with DCs. Ugh. Thanks for the suggestion. :)
 
Set up a temporary DC so you can replicate your AD and preserve SIDs. Then rebuild and join the server back.

I hope you find this post helpful.

Regards,

Mark

 