Unable to login Windows Server 2012 after making local policy changes RRS feed

  • Question

  • Experts, we have modified the local policy setting on the windows server 2012 and badly it was domain controller now none of the users are able to login to the server. After entering the user name and password it will launch till welcome screen then it errors out saying user name or password incorrect. below are the steps which we followed

    1. Policy setting is located in Computer Configuration\Security Settings\Local Policies\Security Options \Network security: Configure encryption types allowed for Kerberos values change from Not Configured to DES_CBC_MD5

    2. changed user attribute msDS-SupprtdEncryptionTypes to 2 , this account we were used for kerberos authentication. 

    3. Logged off from the server and then server doesn't allow any user to login.


    Saturday, April 18, 2015 5:32 AM

All replies

  • Have you tried connecting to the server from a 2nd DC? Have you tried installing the RSAT tools on a domain member server and modify the offending policy ?

    last choice would be restart the DC into safe mode. 
    • Edited by Azarya Thursday, April 23, 2015 8:13 PM
    Thursday, April 23, 2015 8:12 PM