And, when I was adding users to log on locally, I forgot to add the administrator account, and now I cannot log on locally to this machine. I can, on the other hand, log onto the machine with the users I added -- but they have insufficient rights to change anything. I even tried to Run AS admin but with no luck.
Is it possible to start in Directory Services restore mode and then maybe revert the settings, or just grant the admin account log on locally permissions, at least?
However, there is a possible solution. Knowledge Base article 226243 details a way to replace the user rights section to the default by editing the gpttmpl.inf file of the default policy. Unfortunately, this file is protected, and by default, only administrators have the right to write to this file. If you log on in directory Service Restore mode, you will be able to change the file, or if necessary, take control of the file and then change it. Be sure to follow the directions in the article exactly. Let me know how it works out.
Dig Deeper on Windows 10 security and management
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.