Microsoft KB Archive/285665

= Error message: Your account is configured to prevent you from using this computer =

Article ID: 285665

Article Last Modified on 3/2/2007

-

APPLIES TO


 * Microsoft Windows 2000 Server
 * Microsoft Windows 2000 Advanced Server

-



This article was previously published under Q285665



IMPORTANT: This article contains information about modifying the registry. Before you modify the registry, make sure to back it up and make sure that you understand how to restore the registry if a problem occurs. For information about how to back up, restore, and edit the registry, click the following article number to view the article in the Microsoft Knowledge Base:

256986 Description of the Microsoft Windows Registry



SYMPTOMS
When you try to log on to a remote access server, you may receive an error message that is similar to the following:

Unknown user or Bad Password.

When you try to log on to a console of a remote access server, you may receive an error message that is similar to the following:

Your account is configured to prevent you from using this computer.



CAUSE
This issue may occur if a security policy is set to shut down the computer if a user unsuccessfully tries to log on to a remote access service.



RESOLUTION
WARNING: If you use Registry Editor incorrectly, you may cause serious problems that may require you to reinstall your operating system. Microsoft cannot guarantee that you can solve problems that result from using Registry Editor incorrectly. Use Registry Editor at your own risk. To resolve this issue, remove the security policy, and then edit the registry key.

Part 1: Disable the Security Policy
Disable the following Group Policy setting on either the default domain or the domain controller organizational unit:

Computer Configuration\Windows Settings\Security Settings\Local Policies\Security Options\Shut down your system immediately if unable to log security audits

You can find this policy on the default domain policy, default domain controller policy, and local security policy.

Note After you disable the security policy, you must also remove the security policy registry key.

Part 2: Edit the CrashOnAuditFail Registry Key
 Click Start, and then click Run. In the Open box, type regedt32.exe, and then click OK. Click the following registry key:

 

 In the right pane, double-click  . In the Value data box, type 0 (zero), and then click OK. Click Start, and then click Run.</li> In the Open box, type secedit /refreshpolicy machine_policy /enforce, and then click OK to apply the new security setting.</li> Restart your server.</li></ol>

<div class="moreinformation_section">

MORE INFORMATION
For more information about Windows 2000 security templates and policies, click the following article number to view the article in the Microsoft Knowledge Base:

234926 Windows 2000 security templates are incremental

Keywords: kberrmsg kbprb KB285665

-

[mailto:TECHNET@MICROSOFT.COM Send feedback to Microsoft]

© Microsoft Corporation. All rights reserved.