Re: Can't login interactively after domain rename
From: Roger Abell (mvpNOSpam_at_asu.edu)
Date: 05/18/04
- Next message: anonymous_at_discussions.microsoft.com: "Re: Stop users altering desktop background?(loophole found)"
- Previous message: Roger Abell: "Re: Removing\Disabling Shared Folders with a GPO"
- In reply to: Brett: "Can't login interactively after domain rename"
- Messages sorted by: [ date ] [ thread ]
Date: Tue, 18 May 2004 01:48:02 -0700
Evidently Domain Users is not in Users on those machines,
or, other changes have occurred to effect the Domain Users
no longer being granted "Log on locally" user right on the
workstations. Check the values in the effective policies on
those workstations, for the policies in the User Rights section
for Log on locally, and Deny local logon.
The message you cite shows that their accounts are being
recognized, and so the workstation is correctly joined into
the renamed domain.
-- Roger Abell Microsoft MVP (Windows Server System: Security) MCSE (W2k3,W2k,Nt4) MCDBA "Brett" <bmoffitt@iastate.edu> wrote in message news:e51c01c43c64$c0945800$a601280a@phx.gbl... > As a member of the users group, if I try to logon to any > workstation in the domain, I get a message saying "The > local policy of this system does not permit you to logon > interactively." If I logon with Domain Admin credentials, > I have no problems. I'm trying to figure out what I did. > I recently went through a domain renaming process and used > the dcgpofix tool to restore the default GPO but not > luck. The only other solution I can think of is to do a > DCPROMO and start from scratch. > > (Please copy replies to my email address: > bmoffitt@iastate.edu)
- Next message: anonymous_at_discussions.microsoft.com: "Re: Stop users altering desktop background?(loophole found)"
- Previous message: Roger Abell: "Re: Removing\Disabling Shared Folders with a GPO"
- In reply to: Brett: "Can't login interactively after domain rename"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
