Microsoft KB Archive/155076

= Only Administrators May Log in After Applying C2 Security from the Windows NT 4.0 Resource Kit =

Article ID: 155076

Article Last Modified on 11/1/2006

-

APPLIES TO


 * Microsoft Windows NT Server 3.5
 * Microsoft Windows NT Server 3.51
 * Microsoft Windows NT Server 4.0 Standard Edition

-



This article was previously published under Q155076



SYMPTOMS
After you apply C2 security from the Windows NT Resource Kit, only user accounts that are members of the administrator's group are allowed to log on. Others receive one of the following messages:

You are not allowed to logon from this workstation.

-or-

Your account is configured to prevent you from using this workstation.



CAUSE
The C2 configuration application is configured with CrashOnAuditFail set to 2. This value allows only administrators to log on to a server.

NOTE: An alternate error

Access Denied: an extended error has occurred

may occur when attempting to connect to a file share on a server. This may also indicate that CrashOnAuditFail is set to a value of 0x2.



RESOLUTION
WARNING: Using Registry Editor incorrectly can cause serious problems that may require you to reinstall your operating system. Microsoft cannot guarantee that problems resulting from the incorrect use of Registry Editor can be solved. Use Registry Editor at your own risk.  Start Registry Editor (Regedt32.exe) and select the following subkey:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa

 Look for the value CrashOnAuditFail. If the value is set to 2, follow instructions outlined in 140058 to change this value.

Additional query words: prodnt reskit c2 security logon login

Keywords: kbenv kbnetwork KB155076

-

[mailto:TECHNET@MICROSOFT.COM Send feedback to Microsoft]

© Microsoft Corporation. All rights reserved.