Your Cloud Partner in Busines or Home
Microsoft Consultant

So you might find yourself in a pickle sometimes logging into a server or computer and you get this annoying message:

Hopefully as a good SysAdmin you did create local admins or have an alternative login. Sometimes restarting into safe mode gives you access to the user account.

Next you need to unwrap your registry ninja skills:

Following this string: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList you will be able to see the massacre unfold.

You can find the User directory by inspecting the keys. Usually you will delete the SID.bak entry to gain access to your profile, sometimes you need to delete the duplicate key and rename the SID.bak.



Sometimes the login service uses your SID as the temp profile. Then you need to delete that key and remove the .bak part on the SID with your profile. If yours is still there but you are logged into a TEMP profile just delete the key SID.bak

You might have noticed the SID ending 500. That is your local admin. Local admins will increment 500, 501, 502 etc. The domain users are 1000.


Now log out and sign back into your profile.

So how does this happen? Many reasons. Some being permissions on the C:\ drive so check your users security groups and memberships. Other times it just may be a delay in the logon service or an improper session between the server and DC.


Author: Jacobus Burger

We will credit articles with a link back to their site if it is not original content.