Article ID: 970879 - View products that this article applies to.
RAPID PUBLISHING ARTICLES PROVIDE INFORMATION DIRECTLY FROM WITHIN THE MICROSOFT SUPPORT ORGANIZATION. THE INFORMATION CONTAINED HEREIN IS CREATED IN RESPONSE TO EMERGING OR UNIQUE TOPICS, OR IS INTENDED SUPPLEMENT OTHER KNOWLEDGE BASE INFORMATION.
After logging on to a Windows Vista or Windows Server 2008 computer, you are presented with a blank screen with no Start Menu, shortcuts, or icons. If you reboot and use F8 to boot to Safe Mode with Networking, you will see your normal desktop.
You may see the following events in the Application log:
Log Name: Application
Event ID: 4006
The Windows logon process has failed to spawn a user application. Application name: . Command line parameters: C:\Windows\system32\logon.scr /s.
Log Name: Application
Event ID: 4006
The Windows logon process has failed to spawn a user application. Application name: . Command line parameters: C:\Windows\system32\userinit.exe.
This may occur when the membership of the local Users group is changed from the default settings. By default, the local Users group should contain the Interactive account and the Authenticated Users group.
By default, User Account Control (UAC) is enabled. At logon, the standard user access token is built, and if the Users group is missing the default members, the user will be unable to interact with the desktop, resulting in the blank desktop being displayed.
Add the Authenticated Users group and Interactive account to the local Users group.
For both methods below you will need to first restart and select F8 at boot in order to boot to Safe Mode with Networking.
Run the following commands from a command prompt:
Net localgroup Users Interactive /add
Net localgroup Users "Authenticated Users" /add
When an administrator logs on, the full administrator access token is split into two access tokens: a full administrator access token and a standard user access token.
During the logon process, the administrative privileges and user rights in the full administrator access token are filtered, resulting in the standard user access token. The standard user access token is then used to launch the Explorer.exe process which displays the desktop.
When the local Users group does not contain the default members, the standard user access token does not have sufficient permissions available to launch Explorer.exe, and only a blank desktop is displayed.
When UAC is turned off, only the full privilege access token is generated for the user and the membership of the local Users group does not impact the permissions available in that token.
Unlike previous versions of Windows, Vista makes a distinction between the built-in Administrator account and members of the Administrators group. The built-in Administrator account still has full read/write access to the computer and runs with the full administrative access token. UAC administrators are also members of the local Administrators group, but they run with the same access token as standard users.
MICROSOFT AND/OR ITS SUPPLIERS MAKE NO REPRESENTATIONS OR WARRANTIES ABOUT THE SUITABILITY, RELIABILITY OR ACCURACY OF THE INFORMATION CONTAINED IN THE DOCUMENTS AND RELATED GRAPHICS PUBLISHED ON THIS WEBSITE (THE “MATERIALS”) FOR ANY PURPOSE. THE MATERIALS MAY INCLUDE TECHNICAL INACCURACIES OR TYPOGRAPHICAL ERRORS AND MAY BE REVISED AT ANY TIME WITHOUT NOTICE.
TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, MICROSOFT AND/OR ITS SUPPLIERS DISCLAIM AND EXCLUDE ALL REPRESENTATIONS, WARRANTIES, AND CONDITIONS WHETHER EXPRESS, IMPLIED OR STATUTORY, INCLUDING BUT NOT LIMITED TO REPRESENTATIONS, WARRANTIES, OR CONDITIONS OF TITLE, NON INFRINGEMENT, SATISFACTORY CONDITION OR QUALITY, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE, WITH RESPECT TO THE MATERIALS.