Black screen after logging in on Windows 2012 R2 using domain credentials on remote desktop connection
https://support.microsoft.com/en-us/kb/970879
RAPID PUBLISHING ARTICLES PROVIDE INFORMATION DIRECTLY FROM WITHIN THE MICROSOFT SUPPORT ORGANIZATION. THE INFORMATION CONTAINED HEREIN IS CREATED IN RESPONSE TO EMERGING OR UNIQUE TOPICS, OR IS INTENDED SUPPLEMENT OTHER KNOWLEDGE BASE INFORMATION.
After logging on to a Windows Vista or Windows Server 2008 computer, you are presented with a blank screen with no Start Menu, shortcuts, or icons. If you reboot and use F8 to boot to Safe Mode with Networking, you will see your normal desktop.
You may see the following events in the Application log:
Log Name: Application
Source: Microsoft-Windows-Winlogon
Event ID: 4006
Level: Warning
User: N/A
Computer: M1.Contoso.com
Description:
The Windows logon process has failed to spawn a user application. Application name: . Command line parameters: C:\Windows\system32\logon.scr /s.
Log Name: Application
Source: Microsoft-Windows-Winlogon
Event ID: 4006
Level: Warning
User: N/A
Computer: M1.Contoso.com
Description:
The Windows logon process has failed to spawn a user application. Application name: . Command line parameters: C:\Windows\system32\userinit.exe.
This may occur when the membership of the local Users group is changed from the default settings. By default, the local Users group should contain the Interactive account and the Authenticated Users group.
By default, User Account Control (UAC) is enabled. At logon, the standard user access token is built, and if the Users group is missing the default members, the user will be unable to interact with the desktop, resulting in the blank desktop being displayed.
Add the Authenticated Users group and Interactive account to the local Users group.
For both methods below you will need to first restart and select F8 at boot in order to boot to Safe Mode with Networking.
Run the following commands from a command prompt:
Net localgroup Users Interactive /add
Net localgroup Users "Authenticated Users" /add
When an administrator logs on, the full administrator access token is split into two access tokens: a full administrator access token and a standard user access token.
During the logon process, the administrative privileges and user rights in the full administrator access token are filtered, resulting in the standard user access token. The standard user access token is then used to launch the Explorer.exe process which displays the desktop.
When the local Users group does not contain the default members, the standard user access token does not have sufficient permissions available to launch Explorer.exe, and only a blank desktop is displayed.
When UAC is turned off, only the full privilege access token is generated for the user and the membership of the local Users group does not impact the permissions available in that token.
Unlike previous versions of Windows, Vista makes a distinction between the built-in Administrator account and members of the Administrators group. The built-in Administrator account still has full read/write access to the computer and runs with the full administrative access token. UAC administrators are also members of the local Administrators group, but they run with the same access token as standard users.
Blank Desktop on Windows Vista or Windows Server 2008
Source: Microsoft Support
RAPID PUBLISHING
Symptom
After logging on to a Windows Vista or Windows Server 2008 computer, you are presented with a blank screen with no Start Menu, shortcuts, or icons. If you reboot and use F8 to boot to Safe Mode with Networking, you will see your normal desktop.
You may see the following events in the Application log:
Log Name: Application
Source: Microsoft-Windows-Winlogon
Event ID: 4006
Level: Warning
User: N/A
Computer: M1.Contoso.com
Description:
The Windows logon process has failed to spawn a user application. Application name: . Command line parameters: C:\Windows\system32\logon.scr /s.
Log Name: Application
Source: Microsoft-Windows-Winlogon
Event ID: 4006
Level: Warning
User: N/A
Computer: M1.Contoso.com
Description:
The Windows logon process has failed to spawn a user application. Application name: . Command line parameters: C:\Windows\system32\userinit.exe.
Cause
By default, User Account Control (UAC) is enabled. At logon, the standard user access token is built, and if the Users group is missing the default members, the user will be unable to interact with the desktop, resulting in the blank desktop being displayed.
Resolution
Add the Authenticated Users group and Interactive account to the local Users group.
For both methods below you will need to first restart and select F8 at boot in order to boot to Safe Mode with Networking.
Method 1
- Click Start, Run, type lusrmgr.msc then ENTER.
- Select Groups in the left pane.
- Double-click Users in the right pane.
- Click Add, and then click Locations. Scroll to the top of the Locations dialog and select the local computer name, then click OK.
- In the Enter the object names to select field, type Interactive; Authenticated Users (separated by a semi-colon). Then click OK.
- Restart the computer.
Method 2
Run the following commands from a command prompt:
Net localgroup Users Interactive /add
Net localgroup Users "Authenticated Users" /add
More Information
When an administrator logs on, the full administrator access token is split into two access tokens: a full administrator access token and a standard user access token.
During the logon process, the administrative privileges and user rights in the full administrator access token are filtered, resulting in the standard user access token. The standard user access token is then used to launch the Explorer.exe process which displays the desktop.
When the local Users group does not contain the default members, the standard user access token does not have sufficient permissions available to launch Explorer.exe, and only a blank desktop is displayed.
When UAC is turned off, only the full privilege access token is generated for the user and the membership of the local Users group does not impact the permissions available in that token.
Unlike previous versions of Windows, Vista makes a distinction between the built-in Administrator account and members of the Administrators group. The built-in Administrator account still has full read/write access to the computer and runs with the full administrative access token. UAC administrators are also members of the local Administrators group, but they run with the same access token as standard users.
Comments