Archived from groups: microsoft.public.win2000.group_policy (
More info?)
Hi Mike,
You are so lucky.
It's hard to say if there's any backdoor. It really depends on what you did
(exactly) and you think of any workarounds out there. That's why I asked
what you did.
I was once locked out by myself in GP, and luckily I could think of a way
out. But don't ask me what happened, I bet I forgot it completely.
br,
Denis
"Mike" <Mike@discussions.microsoft.com> wrote in message
news:CA7C28F9-B242-479C-A9F2-794AB879802B@microsoft.com...
> Denis,
>
> Thanks for the reply. Luckily I was able to fix the problem after sending
> this note, but what happend was I created a new policy that was supposed
to
> apply to only one machine that I was setting up for running terminal
> services. However, I applied it to the entire domain instead, and
suddenly
> found myself (and all my users) locked down, and I couldn't even log onto
my
> primary domain controller.
> However, luckily, one of the secondary domain controllers hadn't had the
> policy applied yet, and I was able to get into group policy and remove all
> the settings I had changed, and reapply. Then the waiting game commenced
to
> see if the changes I made would propagate out to all the machines or not,
and
> luckily it did, and after a few reboots, I'm back to normal as best I can
> tell.
> With that said, are their any backdoors or administrative commands you can
> install on a workstation to get to group policy management for editing
> purposes in case something like this happens again?
>
> Thanks,
>
> Mike
>
>
> "Denis Wong @ Hong Kong" wrote:
>
> > Hi Mike,
> >
> > So I think you have to tell what exactly you did (in details), and what
you
> > now do (in details) and the result (or error). Otherwise I cannot think
of a
> > way to help.
> >
> > br,
> > Denis
> >
> > "Mike" <Mike@discussions.microsoft.com> wrote in message
> > news:0A8C7454-B51B-41C4-9C50-3C229518C70D@microsoft.com...
> > > Hi,
> > >
> > > I was trying to set up group policy to lock down a machine I am using
for
> > > Terminal Services, and I have apparently locked down my entire domain.
I
> > > can't even get to the Group Policy Management on the Domain Controller
> > (says
> > > it's disabled by policy). Is there a way to get into it, so I can
figure
> > out
> > > what I did, and undo it? I need any advice anyone has.
> > >
> > > Mike
> > >
> >
> >
> >