Microsoft KB Archive/269397

= Logon Process Hangs After Encrypting Files on Windows 2000 =

Article ID: 269397

Article Last Modified on 3/1/2007

-

APPLIES TO


 * Microsoft Windows 2000 Server
 * Microsoft Windows 2000 Advanced Server
 * Microsoft Windows 2000 Professional Edition

-



This article was previously published under Q269397



SYMPTOMS
After you encrypt files on your Windows 2000-based computer, the computer may stop responding (hang) during the logon process. When this occurs, no users can log on to the computer.



CAUSE
This behavior can occur if the Autoexec.bat file in the root folder of the system drive has been encrypted.



RESOLUTION
To resolve this issue:
 * 1) Start the Windows 2000 Recovery Console.
 * 2) Type cd c:\, and then press ENTER.
 * 3) Type rename autoexec.bat autoexec.old, and then press ENTER.
 * 4) Type exit, and then press ENTER.

For additional information about Recovery Console, click the article number below to view the article in the Microsoft Knowledge Base:

229716 Description of the Windows 2000 Recovery Console

To prevent the Autoexec.bat file from becoming encrypted, use the following steps.

NOTE: These steps prevent all users from modifying the Autoexec.bat file unless an account with administrator rights is later used to change the access permissions.
 * 1) Log on to the computer by using an account with administrator access to the local computer.
 * 2) Double-click My Computer.
 * 3) Double-click the drive that contains your Windows 2000 installation.
 * 4) Right-click the Autoexec.bat file, and then click Properties.
 * 5) Click the Security tab.
 * 6) Click to clear the Allow inheritable permissions from parent to propagate to this object check box.
 * 7) In the Security dialog box that appears, click Remove.
 * 8) Click Add.
 * 9) In the Look-In box, click the name of the current computer.
 * 10) In the Name box, click System, and then click Add.
 * 11) Click OK.
 * 12) Verify that only the Read and Execute and Read permissions are selected.
 * 13) Click OK.



MORE INFORMATION
Some system files, such as the Autoexec.bat file, are processed before the user logon process is completed. If these files are encrypted, users cannot log on to the computer because Windows cannot gain access to the credentials that are required to decrypt the file until the user with the appropriate Encrypting File System (EFS) key has logged on.

Additional query words: dos attack

Keywords: kbefs kbprb KB269397

-

[mailto:TECHNET@MICROSOFT.COM Send feedback to Microsoft]

© Microsoft Corporation. All rights reserved.