The security log is full – logon as an administrator

As part of a virtualisation project I can across this during the conversion of an SBS server before the server cals had been transferred. There are many other circumstances that you will see this but the basic problem remains the same. You must log on as an administrator to fix it.

So when you don’t have the local admin password what do you do ? Well I use use a tool from Petter Nordahl-Hagen to edit the local password – get the iso image (3MB) from here and burn it using Nero or your favourite iso burner.

Boot the machine and follow the prompts through to edit the password – set to blank or a predefined value – save the settings and reboot. Now you have got access to the machine to fix the log file size.

Anyone who has been around PCs for long enough will know that the default 512K size of the three windows logs is useless – especially when a problem occurs that logs a large amount of info to the event logs. Thus having this low value set and one of the options for not overwriting values for a period of 7 days or not at all can very rapidly become a problem for you.

Tip: set the size of the three default event logs to 5MB or more – review them regularly and make sure that any errors are investigated in a timely manner – not just when a problem occurs.

Tip: Always check with the user that their password is what you have been told and that they hadn’t changed in without telling anyone – you may have more hair if you do this.