Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

Can't log in locally to 2003 server machine with AD...

Posted on 2004-09-02
19
Medium Priority
?
385 Views
Last Modified: 2010-05-18
I have setup a Win 2003 server with AD. I want to log in to the machine locally but there is no option for that in the login dropdown. How can I set it to allow me this option?
0
Comment
Question by:Paul Montgomery
  • 5
  • 5
  • 3
  • +2
17 Comments
 
LVL 4

Accepted Solution

by:
ehammersley earned 1000 total points
ID: 11964691
You don't.

A Windows 2003 Server w/ AD installed no longer contains a local security authority.  AD is that machines authority.  Member servers and workstations are the only ones you can login to locally.  In order to login to a AD machine you must possess credentials in the AD Domain.  The security of the domain being a key factor here because control of the domain controller should only be controlled by the domain itself.  If that makes any sense.
0
 

Author Comment

by:Paul Montgomery
ID: 11964748
What would happen if for example the nic went down on that machine and you needed to have access?
0
 
LVL 67

Expert Comment

by:sirbounty
ID: 11964768
You would "log in" to the domain with cached credentials, since no domain controller could be contacted...
0
Get your Conversational Ransomware Defense e‑book

This e-book gives you an insight into the ransomware threat and reviews the fundamentals of top-notch ransomware preparedness and recovery. To help you protect yourself and your organization. The initial infection may be inevitable, so the best protection is to be fully prepared.

 
LVL 4

Expert Comment

by:ehammersley
ID: 11964785
Wait... I understood your question to be that you wanted to login locally to a server that has AD installed.  In other words it's a domain controller, for lack of a better term.

If that is correct then it will authenicate the login against its own copy of the AD and doesn't need the network.
0
 

Author Comment

by:Paul Montgomery
ID: 11964818
If I try to do this it tells me "No domain controller could be found"
0
 

Author Comment

by:Paul Montgomery
ID: 11964874
ehammersley - yes that is correct
0
 
LVL 67

Expert Comment

by:sirbounty
ID: 11965055
Try pulling out the network cable and logging in again...
0
 

Author Comment

by:Paul Montgomery
ID: 11965669
sirbounty - no go. The connection problem I can troubleshoot. My big problem is how to access the machine when it's telling me "No domain controller can be found" and there's no other choices for a login.
0
 
LVL 67

Assisted Solution

by:sirbounty
sirbounty earned 1000 total points
ID: 11967744
Can you ping it remotely?
Can you boot up into safe mode?
Try connecting to the IPC$ share
From a remote system:
NET USE \\Server\IPC$ /user:DOMAIN\DOMAINADMIN PASSWORD
0
 

Author Comment

by:Paul Montgomery
ID: 11968179
So your basically telling me there's no way to get into my system locally if there's no network connection?
0
 
LVL 6

Expert Comment

by:Casca1
ID: 11970073
DSRestore mode. The equivalent of AD safemode. You can either get command prompt or GUI.
I think this is what you're asking for...
0
 
LVL 67

Expert Comment

by:sirbounty
ID: 11972798
Can you remove the network cable and reboot it remotely?

Shutdown \\myserver

(or get psshutdown from sysinternals.com)
If it doesn't 'see' a network, you should have the option to log on with cached credentials...
0
 

Expert Comment

by:fluidsmgmt
ID: 11973367
It sounds like to me your trying to log onto the server as a user that is not a domain admin.

You MUST use the domain Administrator account to log onto a DC, or at least a user that is in the domain admin group.

Non domain admins can not "Log on locally" to a domain controller.

What account are you using to log on?
0
 
LVL 67

Expert Comment

by:sirbounty
ID: 11973405
To add to that - server operator group members may also log in locally.
But honestly, I don't think you would recieve the "no domain controller" error  - you'd get the "user does not have the log on locally permission" error...
0
 

Expert Comment

by:fluidsmgmt
ID: 11973430
When you installed Active Directory, you should have been asked what you want the administrator password to be.

Login as administrator with that password.
0
 

Expert Comment

by:fluidsmgmt
ID: 11973491
SirBounty is correct.. but it doesn't sound like ANYTHING has been done in AD Users and Groups.  Logged in as normal local account - install AD, then reboot.

I agree the no domain controller error is interesting.

Makes me think that DNS was not also installed on the same box, and during AD install, you said don't install DNS.
0
 
LVL 6

Expert Comment

by:Casca1
ID: 11978444
Ya know, the DNS sounds right. What kind of DNS servers you using?
0

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

by Batuhan Cetin In this article I will be guiding through the process of removing a failed DC metadata from Active Directory (hereafter, AD) using the ntdsutil tool in a Windows Server 2003 environment. These steps are not necessary in a Win…
I guess it is not common knowledge to most Wintel engineers/administrators: If you have an SNMP-based monitoring system in your environment (and it's common to have SNMP or Syslog) it's reasonably easy to enable monitoring of the Windows Event logs,…
Despite its rising prevalence in the business world, "the cloud" is still misunderstood. Some companies still believe common misconceptions about lack of security in cloud solutions and many misuses of cloud storage options still occur every day. …
Look below the covers at a subform control , and the form that is inside it. Explore properties and see how easy it is to aggregate, get statistics, and synchronize results for your data. A Microsoft Access subform is used to show relevant calcul…

578 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question