This tip was submitted to the searchSecurity Tip Exchange by user Ken Buszta. Let other users know how useful it is by rating the tip below. Recently, a user came to me with a dilemma. He was "fine tuning" his Windows 2000 desktop and had disabled his abilities to log on from the network and locally. Thus, he could not obtain access to his box. This situation also prevented the use of the NTrights utility. Additionally, they had not made a backup of the critical files before starting on the adventure. Using the Recovery Console, I was able to restore their previous security settings without any loss of data. The user did not have Recovery Console installed, so I boot from the ERDs I created and loaded up the Recovery Console. I checked the dates on the files in the %systemroot%/repair/regback directory and found that the user had not done a recent backup in about a week. After renaming the original SECURITY file in the %systemroot%/config directory, I copied the SECURITY file within the regback directory over to the config directory and then rebooted the machine. The system came back up without any issues, and the user was able to log on.
This was first published in November 2001