Solved

The local policy of this system does not permit you to logon interactively

Posted on 2003-12-01
8
117,881 Views
Last Modified: 2013-12-04
I recently upgraded our second server to be an additional Active Directory computer.  When I did this all of the user that were in the group Domain Users would get the error message "The local policy of this system does not permit you to logon interactively" when they tried to log into the server through Terminal Services.  I know that I could add them to the administrator group and they wouldn't get this message, but I don't want to have to do this.

I have gone into gpedit.msc and for the policy Log On Locally, I have added the group "Domain Users" however, the Effective Settings, has this policy disabled for Domain Users.  Where is this effective setting coming from?

Thanks

0
Comment
Question by:dovcamp
8 Comments
 
LVL 32

Accepted Solution

by:
Luc Franken earned 500 total points
ID: 9851897
0
 
LVL 4

Author Comment

by:dovcamp
ID: 9852565
0
 
LVL 32

Expert Comment

by:Luc Franken
ID: 9852599
Glad to help you solve your problem.
0
Use Case: Protecting a Hybrid Cloud Infrastructure

Microsoft Azure is rapidly becoming the norm in dynamic IT environments. This document describes the challenges that organizations face when protecting data in a hybrid cloud IT environment and presents a use case to demonstrate how Acronis Backup protects all data.

 

Expert Comment

by:JamesYong
ID: 11672284
I changed my Group Policy. Now I cannot even logon into my Domain using the correct user name and password.
I got the following message after I type in administrator as user name . And I use the correct password:

"Local Policy of this system does not permit you to logon interactively"

Is there any way to logon to the Domain and change the Group Policy?

Or do I you to re-install the windows 2000 server starting from scratch?
0
 
LVL 4

Author Comment

by:dovcamp
ID: 11673055
0
 

Expert Comment

by:crarey
ID: 13472916
I have three servers that are load balanced. i just added the third server, and I receive the error "Local Policy of this system does not permit you to logon interactively". A domain user can login to the first two servers, but not on the third.

I tried the one the fix above, but a domain user is still unable to login to the third server.

Any ideas?
0
 

Expert Comment

by:LostinParadise
ID: 15083017
I too have the problem, but it is occurring in SBS 2003. I have tried the above solutioni and can get at the way to were it wants me to execute a secedit command.  The syntax they are asking for does not exist.  Any idea's  Can I get away with a simple reboot?
0
 

Expert Comment

by:alan_8sg
ID: 20442193
User May Be Authenticated by Wrong Domain
View products that this article applies to.
Article ID : 227904
Last Review : February 26, 2007
Revision : 3.2
This article was previously published under Q227904
SYMPTOMS
When you log on to a Windows 2000 domain, you may receive either or both of the following error messages: " Logon Denied--The password is incorrect. Please retype your password. Letters in passwords must be typed using the correct case. Make sure that Caps Lock key is not accidentally on.
The Local policy of this system does not permit you to log on interactively.

Back to the top

CAUSE
This behavior can occur if two domain controllers are promoted using Dcpromo.exe with identical domain names, and both domain controllers are installed as the first domain controller for the specified domain.

You cannot reliably configure two separate domains with the same name. Because both domains register with DNS, there is no way to control which name is resolved to the client.
Back to the top

RESOLUTION
Two resolve this issue, use either of the following methods: " Remove one of the domains with the identical name.
" Using Dcpromo.exe, demote all the domain controllers in the second domain, then use Dcpromo.exe to promote these computers to be domain controllers in the original domain.
0

Featured Post

Enterprise Mobility and BYOD For Dummies

Like “For Dummies” books, you can read this in whatever order you choose and learn about mobility and BYOD; and how to put a competitive mobile infrastructure in place. Developed for SMBs and large enterprises alike, you will find helpful use cases, planning, and implementation.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Change Polcy settings to defaults 7 88
Has this user really been infected by Ransomware? 3 142
Is my Machine open to hackers 3 101
Firewall -- detecting ex-owner activity ? 1 52
As I write this article, I am finishing cleanup from the Qakbot virus variant found in the wild on April 18, 2011.  It was a messy beast that had varying levels of infection, speculated as being dependent on how long it resided on the infected syste…
This is a guide to the following problem (not exclusive but here) on Windows: Users need our support and we supporters often use global administrative accounts to do this. Using these accounts safely is a real challenge. Any admin who takes se…
This video shows how to quickly and easily add an email signature for all users on Exchange 2016. The resulting signature is applied on a server level by Exchange Online. The email signature template has been downloaded from: www.mail-signatures…
Although Jacob Bernoulli (1654-1705) has been credited as the creator of "Binomial Distribution Table", Gottfried Leibniz (1646-1716) did his dissertation on the subject in 1666; Leibniz you may recall is the co-inventor of "Calculus" and beat Isaac…

803 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question