Re: The local policy of this system does not permit you to logon i

Franky,

Are you having the problem with the domain admin account or another account
trying to log onto the server?

Matt

"Franky" wrote:

Hi

I am experiencing exactly this problem & have found no resolution to this as
of yet

Les has given me some guides to follow though you may want to try the
following guide

http://support.microsoft.com/kb/841188

Hope this helps

Paul

"MSExchangeStudent" <exchangestudent@xxxxxxxxxxxxxx> wrote in message
news:u1nge9vmIHA.5084@xxxxxxxxxxxxxxxxxxxxxxx

"Matabra" <Matabra@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:3339FAC5-27A7-4B2B-83B6-479E2A2E7FCD@xxxxxxxxxxxxxxxx
The reason for this is that he is trying to log directly onto the server.
He
will need to be given the "allowed to log on interactively" right

Ok, i will do that.Thanks

I assume this is related to your earlier post.. Do you trust this person?
if
so, give him Domain Admin rights for long enough to install his app, then
remove him from that group.
I did that in the meanwhile while waiting for your reply and you confirm
the same. 100%. thanks you very much

Depends also whether this is a production network or test network, and
what
security policies are in place.

"MSExchangeStudent" wrote:

A user get this when trying to log on directly onto the server with his
credentials but when i use the exact same credentials and log in via RDC
from a different location i can get in.

He is allready granted "Allow logon throught terminal services...right"?
Why is this happening?







.

Relevant Pages

  • Re: cached login credentials
    ... large this residual risk is, because I can avoid it all together ... as it causes cached credentials to be stored as well. ... Remember that a "rainbow table attack" against a cached domain ... domain admin account credentials), is a credential cached anywhere for the ...
    (microsoft.public.windowsxp.security_admin)
  • Re: cached login credentials
    ... it takes longer to investigate an attack and clean up after it than ... in my network (egads! ... credentials, and uses runas to do priviledged operations (assume they ... domain admin account credentials), is a credential cached anywhere for ...
    (microsoft.public.windowsxp.security_admin)
  • Re: cached login credentials
    ... domain admin account credentials), is a credential cached anywhere for the ... but the best way to thwart this attack is to make ... sure you don't get your laptop stolen. ...
    (microsoft.public.windowsxp.security_admin)
  • Re: cached login credentials
    ... , it takes longer to investigate an attack and clean up after it than it does simply to nuke-and-pave, flatten-and-rebuild, whatever. ... then over time through precision monitoring of network ... Anything that does an interactive logon will store cached credentials, ... > domain admin account credentials), is a credential cached anywhere for> the ...
    (microsoft.public.windowsxp.security_admin)
  • Re: cached login credentials
    ... Anything that does an interactive logon will store cached credentials, so yes, the GUI RunAs will do this. ... They're effective in pass-the-hash attacks, and this is why I've become an ardent fan of long simple passphrases rather than short complex passwords. ... domain admin account credentials), is a credential cached anywhere for the ... password cracking attacks from your list of worries, ...
    (microsoft.public.windowsxp.security_admin)