That's not German Anyway, the error message isn't very specific. See what the event log has to say about the logon attempt.
Server is located in German but S.O. is in italian because i'm from Italy. I check event log and on first login there's this voice: Code: Privilegi speciali assegnati a nuovo accesso. Soggetto: ID sicurezza: VE1077\Prova Nome account: Prova Dominio account: VE1077 ID accesso: 0x198E1E4 Privilegi: SeSecurityPrivilege SeTakeOwnershipPrivilege SeLoadDriverPrivilege SeBackupPrivilege SeRestorePrivilege SeDebugPrivilege SeSystemEnvironmentPrivilege SeImpersonatePrivilege Then this: Code: Accesso di un account non riuscito. Soggetto: ID sicurezza: NULL SID Nome account: - Dominio account: - ID accesso: 0x0 Tipo di accesso: 3 Account il cui accesso non è riuscito: ID sicurezza: NULL SID Nome account: Administrator Dominio account: WIN-3FOND43065A Informazioni sull'errore: Motivo dell'errore: Nome utente sconosciuto o password errata. Stato: 0xC000006D Stato secondario: 0xC000006A Informazioni sul processo: ID processo chiamante: 0x0 Nome processo chiamante: - Informazioni di rete: Nome workstation: WIN-3FOND43065A Indirizzo di rete di origine: - Porta di origine: - Informazioni di autenticazione dettagliate: Processo di accesso: NtLmSsp Pacchetto di autenticazione: NTLM Servizi transitati: - Nome pacchetto (solo NTLM): - Lunghezza chiave: 0
Security log events probably aren't that relevant (second one is about a wrong password, if it matters). My guess is you'd have to see some errors or warnings in the "system" log.
there aren't errors in the system log but in the application yes: Code: Impossibile copiare il file \\?\C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Help.lnk nel percorso \\?\C:\Users\Prova\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Help.lnk. L'errore può essere dovuto a problemi di rete o a diritti di sicurezza insufficienti. DETTAGLI - Accesso negato. Code: Impossibile trovare il profilo locale. Per l'accesso sarà utilizzato un profilo temporaneo. I cambiamenti apportati al profilo andranno persi dopo la disconnessione. Code: Impossibile eseguire l'accesso perché non è stato possibile caricare il profilo dell'utente. Verificare che il computer sia connesso alla rete e che la rete funzioni correttamente. DETTAGLI - Richiesta ReadProcessMemory o WriteProcessMemory completata solo parzialmente.
Okay, first error indicates that it's unable to copy the file, which is probably an indication of incorrect permissions on either the source or target path (and could therefore fail the creation of the user profile directory). If that issue applies to new user accounts, maybe the permissions on the default profile are wrong. What's the output of the following command? Code: icacls "C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Help.lnk" Also, it's generally a good idea to post any error codes or event log IDs that are mentioned, since those are language-independent. It's not particularly easy trying to make sense of foreign-language error messages.
sorry: C:\Users\Administrator>icacls "C:\Users\Default\AppData\Roaming\Microsoft\Window s\Start Menu\Programs\System Tools\Help.lnk" C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System To ols\Help.lnk NT AUTHORITY\SYSTEMF) BUILTIN\AdministratorsF) NT AUTHORITY\SERVIZIO DI RETEF) Elaborazione completata per 1 file. Elaborazione non riuscita per 0 file C:\Users\Administrator>
That's not right, because regular users (not just admins and system) should have access to that file as well. However, since that one file's ACL is wrong I'd assume that (for whatever reason) other files/dirs in the default profile may have incorrect ACLs as well, and for that reason I'd consider it appropriate to restore ACLs for the entire default profile from the install image. To do that you'll have to obtain the "sources\install.wim" file from the Server 2012 install media (ISO) and mount it, e.g. to c:\_mount: Code: mkdir c:\_mount dism /mount-image /imagefile:install.wim /index:4 /mountdir:c:\_mount /readonly Then you can save ACLs from the mounted dir and apply them to your local one: Code: icacls c:\_mount\users\default /save c:\default.acl /t /c /l /q icacls c:\users /restore c:\default.acl /c /l /q (may have errors for files/dirs owned by System or TrustedInstaller, but in those cases, chances are that the ACLs are still properly set) Unmount image: Code: dism /unmount-image /mountdir:c:\_mount /discard Re-copying the entire default profile from the installation image would probably also work, but would break the WinSxS hardlinks and remove any profile customizations that may be present, so I'd try the ACL restore first.
Disabling the user account that OP is using while unable to create other accounts... yeah, that sure sounds like a great idea.
ohh thought he was on his account.. not translating well from spanish point of view to italian windows repair portable in safemode should do the trick.. add new user in safemode.
ehmm with this command you can't login anymore with remote desktop connection. Appear an error about a wrong password. EDIT: anyway i tried but same error during login with a new account.
i launched command on CMD but there's this error: Microsoft Windows [Versione 6.3.9600] (c) 2013 Microsoft Corporation. Tutti i diritti riservati. C:\Windows\system32>psexec.exe \\blablabla -s -e -u "ve1077\ Cacca" net.exe user administrator /active:yes "psexec.exe" non è riconosciuto come comando interno o esterno, un programma eseguibile o un file batch. C:\Windows\system32>
The command-line interpreter doesn't know about every single executable file on your machine. You'll have to tell it where to find psexec.exe, e.g. by using its full path instead of only "psexec.exe".
Uh, okay. That would be LocalAccountTokenFilterPolicy blocking access. I'm afraid you're going to need remote KVM, if available, and boot to safe mode. Log in with administrator and re-enable the account: Code: net.exe user administrator /active:yes