Re: Local Policy doesn't allow logon interactively

From: lforbes (UseLinkToEmail_at_WindowsForumz.com)
Date: 12/30/04


Date: 30 Dec 2004 14:02:48 -0500


"rbaker" wrote:
> We have a Windows 2000 server computer running Active Directory. The
> workstations are Windows 2000 prof. Just recently we noticed we were unable
> to log into any of the workstations locally as administrator. After
> replacing the security file from the repair directory using recovery console
> we were able to log in locally. As soon as we joined the domain we were no
> longer able to log locally into the workstations. I checked local policy
> and domain policy on the server and for both the administrator was allowed
> log on locally rights. The deny log on locally was not defined. I tried
> creating a new group, assigning the administrator to that group, giving that
> group the log on locally permission for the default domain policy, creating a
> new OU and assigning the default domain policy and still unable to log into
> the workstations locally. I am certain it's a domain policy setting rather
> than corrupt SID or registry hive on workstation because we only ever have
> the issue after joining the domain. Any other suggestions?

Hi,

In the Default Domain policy - Comp Config - Windows Settings -
Security Settings - Local Policies - User Rights Assignment the
DEFAULT setting is "Not Defined". The ONLY place that these User
Rights Assignments are defined by default is with the Default Domain
Controllers Group Policy.

Therefore someone set the policies in the Default Domain. Change all
to Not Defined and you should be fine.

If you need to set User Rights Assignments in the future, make sure you
create an OU for the computers and then create a new group policy and
set them there.

Cheers,

Lara
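
An added example (not part of the original post or of any Microsoft tooling): one way to confirm whether a GPO defines User Rights Assignments is to read the [Privilege Rights] section of its GptTmpl.inf security template, since a right left at "Not Defined" has no entry there. The template text and the domain SID below are constructed; a real file lives under the GPO's MACHINE\Microsoft\Windows NT\SecEdit folder in SYSVOL and is normally UTF-16 encoded, so decode it before passing the text in.

```python
# Constructed sample: a GptTmpl.inf as it might look after someone defined
# logon rights in the Default Domain Policy (SID values are illustrative).
SAMPLE_GPTTMPL = """\
[Unicode]
Unicode=yes
[System Access]
MinimumPasswordLength = 7
[Privilege Rights]
SeInteractiveLogonRight = *S-1-5-21-1111111111-2222222222-3333333333-1105
SeDenyInteractiveLogonRight =
[Version]
signature="$CHICAGO$"
Revision=1
"""

# BUILTIN\Administrators, by well-known SID or by name (templates may use either).
ADMINS = {"*s-1-5-32-544", "administrators"}

def privilege_rights(inf_text):
    """Return {right: [principals]} for every entry under [Privilege Rights]."""
    rights, section = {}, None
    for raw in inf_text.splitlines():
        line = raw.strip()
        if not line or line.startswith(";"):      # skip blanks and INF comments
            continue
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1].lower()
        elif section == "privilege rights" and "=" in line:
            name, _, value = line.partition("=")
            rights[name.strip()] = [p.strip() for p in value.split(",") if p.strip()]
    return rights

def audit(inf_text):
    """Report every defined user right, plus the lockout case from the thread."""
    rights = privilege_rights(inf_text)
    findings = [f"{name} is defined in this GPO" for name in sorted(rights)]
    allow = rights.get("SeInteractiveLogonRight")
    # A right defined in a GPO replaces the workstation's own list, it is not merged.
    if allow is not None and not ADMINS & {p.lower() for p in allow}:
        findings.append("SeInteractiveLogonRight omits BUILTIN\\Administrators")
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE_GPTTMPL):
        print(finding)
```

An empty result for the Default Domain Policy template matches the "Not Defined" default described in the reply.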


