After editing deny log on locally group policy, not able to log on RRS feed

  • Question

  • Hello,

    I edited the 'Deny Log On Locally' group policyand added the 'Users' group to it. Then I edited the 'Allow Log on Locally' group policy and removed the 'Users' group from it. By doing this I was trying to achieve a situation that only 'Administrator' group assigned accounts could log on to the computer. Then I rebooted and now I am not able log on to any account, even not the built in Administrator account. The message "You cannot log on because the logon method you are using is not allowed on this computer" appears when I try to log on to any account. Anyone could get me out of this situation? I dont want to re-install the windows yet! I'll lose my programs and settings!

    Friday, February 24, 2012 11:17 AM


All replies

  • Hi,

    Since Administrator users are also the members of the Users. Please try to run WinRE to restore or remote login and then change the policy.

    How to use WinRE


    Hope that helps.

    • Marked as answer by Arthur Xie Monday, March 5, 2012 6:51 AM
    Tuesday, February 28, 2012 1:30 AM
  • Yes I agreed with your commen. WinRe will restore the default sec policy.
    • Proposed as answer by datork Wednesday, May 16, 2012 8:00 AM
    Wednesday, May 16, 2012 7:59 AM
  • I just had the same issue myself.  I'm not sure if this is the best way to fix it, but this is how I did it.

    I removed the hard drive from the problem machine and added it to a good machine.  When I booted into the good machine, I ran regedit.  From there I loaded the remote remote registry have and edited the following key HKLM->System->Setup.  I then modified "command line" to be "cmd.exe" and SetupType = 2.  This means that at reboot, it will run cmd.exe.

    Once I made the registry changes, I put the the HD back in the problem machine and rebooted.  The boot screen is the "setup for the first time" screen and then the DOS window opens.  From there I type "gpedit.msc" and re-edit the policy that prevents users from being denied logon.

    Once complete, close the policy editor and type exit in the command window.  You should be good to go!  Good luck!

    Wednesday, June 20, 2012 5:01 PM