-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 There is a way to do this. What you will need to do is boot into the Recovery Console. Rename CMD.EXE to LOGON.SCR (which you will need to rename as well). Reboot the server into AD Restore Mode. Wait until the logon screen saver kicks in, and you should then be able to run MMC.EXE and undo the changes made. There is an article out there that I know of that goes more in depth on this recovery, and I will reply back to you with the link once I find it. Chris Lynch lynch00@xxxxxxx - -----Original Message----- From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On Behalf Of Brian Lilley Sent: Monday, February 23, 2004 10:47 AM To: 'thin@xxxxxxxxxxxxx' Cc: 'windows2000@xxxxxxxxxxxxx' Subject: [THIN] arrghh GPO locked admins out A client of mine was creating a lockdown GPO which he intended to apply to his metaframe servers. The only problem is, he applied to all his users computers, DC's and admins..doh!! Now, he is unable to login to run the GPO MMC to undo the work. I was wondering if there was anyway to get in to undo this work. I guess all this is now in the NTDS.DIT file and there aint much way around it?? Is there an easy ADSI hack to disable this GPO? Is there anything in the SYSVOL directory that can be changed to stop the GPO from being applied?? They are unable to run up AD Users and Computers snap in as this is restricted!!! Brian Lilley Systems Integration Vivista Ltd m - 07929 002501 e - brian.lilley@xxxxxxxxxxxxx www.vivista.co.uk ********************************************************************** The information contained in this e-mail message is intended only for the individuals named above. If you are not the intended recipient, you should be aware that any dissemination, distribution, forwarding or other duplication of this communication is strictly prohibited. The views expressed in this e-mail are those of the individual author and not necessarily those of Vivista Limited. Prior to taking any action based upon this e-mail message you should seek appropriate confirmation of its authenticity. If you have received this e-mail in error, please immediately notify the sender by using the e-mail reply facility. ********************************************************************** _____________________________________________________________________ This message has been checked for all known viruses on behalf of Vivista by MessageLabs. http://www.messagelabs.com or Email: mailsweeper.info@xxxxxxxxxxxxx Vivista formerly Securicor Information Systems for further information http://www.vivista.co.uk ******************************************************** This weeks sponsor triCerat Inc. triCerat makes your job easier by offering essential applications to eliminate your printing, policy and profile, and your application management problems. http://www.triCerat.com ********************************************************** Useful Thin Client Computing Links are available at: http://thin.net/links.cfm *********************************************************** For Archives, to Unsubscribe, Subscribe or set Digest or Vacation mode use the below link: http://thin.net/citrixlist.cfm -----BEGIN PGP SIGNATURE----- Version: PGP 8.0.3 Comment: Public PGP Key for Chris Lynch. iQA/AwUBQDpOb29fg+xq5T3MEQJ6tgCfXBLcQ1pcOGErejeGL4W0YhHHOsoAn3S9 NOHTROT88MlQ11L/4Oyk0r51 =SdN7 -----END PGP SIGNATURE----- ******************************************************** This weeks sponsor triCerat Inc. triCerat makes your job easier by offering essential applications to eliminate your printing, policy and profile, and your application management problems. http://www.triCerat.com ********************************************************** Useful Thin Client Computing Links are available at: http://thin.net/links.cfm *********************************************************** For Archives, to Unsubscribe, Subscribe or set Digest or Vacation mode use the below link: http://thin.net/citrixlist.cfm