Archived from groups: microsoft.public.windowsxp.security_admin (
More info?)
Hi Rob,
Sorry, I've been out of town. If the system in question is on a LAN, you can always log on to another computer, with an Administrator level account that has access to the file system of the affected machine. If necessary, use the hidden Administrative Shares (\\machinename\C$) to access the C: drive. You should then be able to access the group policy folder.
Another alternative is Bart's PE. This utility creates a bootable "mini" XP, that will allow to run Explorer and access the file system, to do whatever you need there.
I don't know what effect putting local policies in place would have, if there are domain policies already in place. My thought would be that the domain policy would override local policy, but this may not be true in all cases.
--
Doug Knox, MS-MVP Windows Media Center\Windows Powered Smart Display\Security
Win 95/98/Me/XP Tweaks and Fixes
http://www.dougknox.com
--------------------------------
Per user Group Policy Restrictions for XP Home and XP Pro
http://www.dougknox.com/xp/utils/xp_securityconsole.htm
--------------------------------
Please reply only to the newsgroup so all may benefit.
Unsolicited e-mail is not answered.
"Rob Power" <RobPower@discussions.microsoft.com> wrote in message news:66074666-9CD4-492F-8D99-0C5494E0A275@microsoft.com...
> Doug:
>
> Thanks for the help and sorry about the slow response. (The customer is some
> distance away and I can't get there on a regular basis. Anywaym, what you
> suggested did not work. The guy that set up the machine disabled the system
> restore (I don't know why). When I tried to edit the registry, the keys you
> referenced do not exist. Could it be because the computer also connects to a
> domain? If so, do you know of a way to just delete the entire policy from the
> machine so I can get back into it?
>
> Regards,
>
> Rob
>
> "Doug Knox MS-MVP" wrote:
>
>> Group Policies on a stand alone computer apply to all users.
>>
>> 1) Use System Restore to restore back to a point before you made the change.
>>
>> 2) If you haven't locked out Regedit, go to
>>
>> HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun
>>
>> Delete the value in the right pane that references Explorer.exe.
>>
>> 3) In Regedit, go to:
>>
>> HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer
>>
>> Locate the DisallowRun value in the right pane and change it to 0 (zero)
>>
>> --
>> Doug Knox, MS-MVP Windows Media Center\Windows Powered Smart Display\Security
>> Win 95/98/Me/XP Tweaks and Fixes
>>
http://www.dougknox.com
>> --------------------------------
>> Per user Group Policy Restrictions for XP Home and XP Pro
>>
http://www.dougknox.com/xp/utils/xp_securityconsole.htm
>> --------------------------------
>> Please reply only to the newsgroup so all may benefit.
>> Unsolicited e-mail is not answered.
>>
>> "Rob Power" <Rob Power@discussions.microsoft.com> wrote in message news:2CDAEFD3-A5B7-494C-A909-4F99A2B2CBC3@microsoft.com...
>> > Hello:
>> >
>> > Somehow, while trying to modify a group policy on a workstation, I set the
>> > policy to also lock out the administrator. One of the policies enforced was
>> > to restrict running explorer. Since I can no longer run Explorer, I can no
>> > longer access C:\windows\system32\group policy folder. Is there any way
>> > around this or am I going to have to reinstall?
>>
Facebook
Twitter
Instagram