Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Can't log in locally to 2003 server machine with AD...

Posted on 2004-09-02
19
Medium Priority
?
384 Views
Last Modified: 2010-05-18
I have setup a Win 2003 server with AD. I want to log in to the machine locally but there is no option for that in the login dropdown. How can I set it to allow me this option?
0
Comment
Question by:Paul Montgomery
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 5
  • 3
  • +2
19 Comments
 
LVL 4

Accepted Solution

by:
ehammersley earned 1000 total points
ID: 11964691
You don't.

A Windows 2003 Server w/ AD installed no longer contains a local security authority.  AD is that machines authority.  Member servers and workstations are the only ones you can login to locally.  In order to login to a AD machine you must possess credentials in the AD Domain.  The security of the domain being a key factor here because control of the domain controller should only be controlled by the domain itself.  If that makes any sense.
0
 

Author Comment

by:Paul Montgomery
ID: 11964748
What would happen if for example the nic went down on that machine and you needed to have access?
0
 
LVL 67

Expert Comment

by:sirbounty
ID: 11964768
You would "log in" to the domain with cached credentials, since no domain controller could be contacted...
0
Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

 
LVL 4

Expert Comment

by:ehammersley
ID: 11964785
Wait... I understood your question to be that you wanted to login locally to a server that has AD installed.  In other words it's a domain controller, for lack of a better term.

If that is correct then it will authenicate the login against its own copy of the AD and doesn't need the network.
0
 

Author Comment

by:Paul Montgomery
ID: 11964818
If I try to do this it tells me "No domain controller could be found"
0
 

Author Comment

by:Paul Montgomery
ID: 11964874
ehammersley - yes that is correct
0
 
LVL 67

Expert Comment

by:sirbounty
ID: 11965055
Try pulling out the network cable and logging in again...
0
 

Author Comment

by:Paul Montgomery
ID: 11965669
sirbounty - no go. The connection problem I can troubleshoot. My big problem is how to access the machine when it's telling me "No domain controller can be found" and there's no other choices for a login.
0
 
LVL 67

Assisted Solution

by:sirbounty
sirbounty earned 1000 total points
ID: 11967744
Can you ping it remotely?
Can you boot up into safe mode?
Try connecting to the IPC$ share
From a remote system:
NET USE \\Server\IPC$ /user:DOMAIN\DOMAINADMIN PASSWORD
0
 

Author Comment

by:Paul Montgomery
ID: 11968179
So your basically telling me there's no way to get into my system locally if there's no network connection?
0
 
LVL 6

Expert Comment

by:Casca1
ID: 11970073
DSRestore mode. The equivalent of AD safemode. You can either get command prompt or GUI.
I think this is what you're asking for...
0
 
LVL 67

Expert Comment

by:sirbounty
ID: 11972798
Can you remove the network cable and reboot it remotely?

Shutdown \\myserver

(or get psshutdown from sysinternals.com)
If it doesn't 'see' a network, you should have the option to log on with cached credentials...
0
 

Expert Comment

by:fluidsmgmt
ID: 11973367
It sounds like to me your trying to log onto the server as a user that is not a domain admin.

You MUST use the domain Administrator account to log onto a DC, or at least a user that is in the domain admin group.

Non domain admins can not "Log on locally" to a domain controller.

What account are you using to log on?
0
 
LVL 67

Expert Comment

by:sirbounty
ID: 11973405
To add to that - server operator group members may also log in locally.
But honestly, I don't think you would recieve the "no domain controller" error  - you'd get the "user does not have the log on locally permission" error...
0
 

Expert Comment

by:fluidsmgmt
ID: 11973430
When you installed Active Directory, you should have been asked what you want the administrator password to be.

Login as administrator with that password.
0
 

Expert Comment

by:fluidsmgmt
ID: 11973491
SirBounty is correct.. but it doesn't sound like ANYTHING has been done in AD Users and Groups.  Logged in as normal local account - install AD, then reboot.

I agree the no domain controller error is interesting.

Makes me think that DNS was not also installed on the same box, and during AD install, you said don't install DNS.
0
 
LVL 6

Expert Comment

by:Casca1
ID: 11978444
Ya know, the DNS sounds right. What kind of DNS servers you using?
0

Featured Post

What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

by Batuhan Cetin In this article I will be guiding through the process of removing a failed DC metadata from Active Directory (hereafter, AD) using the ntdsutil tool in a Windows Server 2003 environment. These steps are not necessary in a Win…
Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
In this video, Percona Solutions Engineer Barrett Chambers discusses some of the basic syntax differences between MySQL and MongoDB. To learn more check out our webinar on MongoDB administration for MySQL DBA: https://www.percona.com/resources/we…
In response to a need for security and privacy, and to continue fostering an environment members can turn to for support, solutions, and education, Experts Exchange has created anonymous question capabilities. This new feature is available to our Pr…
Suggested Courses

636 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question