No announcement yet.

Strange login failure on a 2003 R2 Enterprise

  • Filter
  • Time
  • Show
Clear All
new posts

  • Strange login failure on a 2003 R2 Enterprise

    Hoping someone here can helkp with this puzzler - I have been doing windows admin for 15 years and I don't think I've ever had to post a question online before- usually get pretty lucky with the oracle of google and a healthy dose of patience. Not this time though...

    I Recently restarted a 2003 Enterprise R2 server which has been up for about 40 days with no prior issues. Reason for restart was to apply the 2 or 3 most recent KB updates.

    Reboot process was uneventful, no notices of failed services or drivers etc.

    When trying to log in at the console (physical console), after pressing Ctrl-Alt-Delete and entering the usual admin creds and pressing , the "Log On To Windows" window (GINA) freezes - the OK button stays depressed / pushed in and the mouse pointer disappears (or sometimes shows the Busy pointer) when passed over the window.

    After about 5 minutes, the Log On To Windows window disappears and the "Welcome To Windows Press Ctrl-Alt-Del" (SAC) window comes back up. Repeat login attempts have the same effect.

    No beep, no error message of any kind. Anyone ever seen this?

    Here's some more info:

    The machine is a domain controller on a small network with 2 DCs. Other DC is a Server 2003 SP2 machine, with the AD Schema updated to v31 to match the R2 box.

    Network logon and RPC works - I can see and access files over shares on this machine, can connect to the machine's regitry over the network, I can manage pretty much everything about it. I can even telnet into it if I enable and start the service.

    I can view the event log over the network. This doesn't help though - There's not a single clue to whats happening in the logs. All logon processes run and events fire normally from what I can tell so far. No errors or warnings.

    WMIC fails when I try to attach to it as a node, however. Not sure if this is a related, don't think I've tried to get into this machine via WMIC ever before.

    It does not matter what sort of account I try to log in with. Domain Admin account, Local admin account, user account, non-existent account, nonsense account, blank username, blank password - all produce the exact same effect.

    If I reboot to safe mode *without* network support, I can log in as a local machine admin. If I reboot to safemode *with* network support, I get the same problem. If I unplug the Ethernet cable and even unplug the netowrk adapter, same problem.

    Head explodes in 3......2........1......

  • #2
    Re: Strange login failure on a 2003 R2 Enterprise

    Can you log in via RDP? I would suggest removing the patches one by one if you can get a n RDP session until you gain access again.

    Are you running any third party "stuff" on this machine? e.g. monitoring/alerting; anti-virus, etc.

    For my own and your protection, I do not provide support by private message under any circumstances. All such messages will be deleted and ignored.

    Anything you say will be misquoted and used against you


    • #3
      Re: Strange login failure on a 2003 R2 Enterprise

      Hi Tom - thanks for replying. I Tried RDP also -same result as a local console login attempt. GINA freeze, then RDP session quits due to timeout with no successful login.

      I did come up with a different way to roll back the patches though - restored system partition from backup snapshot taken over the weekend - prior to applying the patches. Still getting the same problem, so it must have been waiting to strike before they were installed.

      Also - Third party stuff.. Hmm, well yes there are a number of things running on here but coincidentally, there is no anti virus nor any monitoring system running (though the system is itself monitored via SNMP - but the monitor lives on another box elsewhere on the LAN and we're using the built-in MS SNMP client and MIBs).

      The only significant 3rd pty app is VMWare server 2.0 - used to virtualize a single XP instance which is started on an as-needed basis for development test cycle purposes. I can try disabling all VMWare related services, but we've run VMWare on here for a couple years with no ill effects so far.
      Last edited by SDGenie; 20th January 2009, 13:09. Reason: added 3party info