Hey guys,

So this might be something useful. The other day I ran into an issue where a virus deleted a registry key or a number of them, one of them was used for allowing remote access into computer management. Make sure that the “LocalAccountTokenFilterPolicy” is set to “1”.  On this PC it was completely removed, so I was unable to remotely access the server.

 

Steps:

  1.  Open up regedit
  2.  Navigate to HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system
  3. Create a DWORD
  4. Create a value called: “LocalAccountTokenFilterPolicy”
  5. Value Data = “1”.
  6. Press “OK”

 

Now reboot and you should be able to access the server remotely.

 

Figured I should write something up about this…