Solved

Can't log in locally to 2003 server machine with AD...

Posted on 2004-09-02
19
336 Views
Last Modified: 2010-05-18
I have setup a Win 2003 server with AD. I want to log in to the machine locally but there is no option for that in the login dropdown. How can I set it to allow me this option?
0
Comment
Question by:paulm235
  • 5
  • 5
  • 3
  • +2
19 Comments
 
LVL 4

Accepted Solution

by:
ehammersley earned 250 total points
Comment Utility
You don't.

A Windows 2003 Server w/ AD installed no longer contains a local security authority.  AD is that machines authority.  Member servers and workstations are the only ones you can login to locally.  In order to login to a AD machine you must possess credentials in the AD Domain.  The security of the domain being a key factor here because control of the domain controller should only be controlled by the domain itself.  If that makes any sense.
0
 

Author Comment

by:paulm235
Comment Utility
What would happen if for example the nic went down on that machine and you needed to have access?
0
 
LVL 67

Expert Comment

by:sirbounty
Comment Utility
You would "log in" to the domain with cached credentials, since no domain controller could be contacted...
0
 
LVL 4

Expert Comment

by:ehammersley
Comment Utility
Wait... I understood your question to be that you wanted to login locally to a server that has AD installed.  In other words it's a domain controller, for lack of a better term.

If that is correct then it will authenicate the login against its own copy of the AD and doesn't need the network.
0
 

Author Comment

by:paulm235
Comment Utility
If I try to do this it tells me "No domain controller could be found"
0
 

Author Comment

by:paulm235
Comment Utility
ehammersley - yes that is correct
0
 
LVL 67

Expert Comment

by:sirbounty
Comment Utility
Try pulling out the network cable and logging in again...
0
 

Author Comment

by:paulm235
Comment Utility
sirbounty - no go. The connection problem I can troubleshoot. My big problem is how to access the machine when it's telling me "No domain controller can be found" and there's no other choices for a login.
0
IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

 
LVL 67

Assisted Solution

by:sirbounty
sirbounty earned 250 total points
Comment Utility
Can you ping it remotely?
Can you boot up into safe mode?
Try connecting to the IPC$ share
From a remote system:
NET USE \\Server\IPC$ /user:DOMAIN\DOMAINADMIN PASSWORD
0
 

Author Comment

by:paulm235
Comment Utility
So your basically telling me there's no way to get into my system locally if there's no network connection?
0
 
LVL 6

Expert Comment

by:Casca1
Comment Utility
DSRestore mode. The equivalent of AD safemode. You can either get command prompt or GUI.
I think this is what you're asking for...
0
 
LVL 67

Expert Comment

by:sirbounty
Comment Utility
Can you remove the network cable and reboot it remotely?

Shutdown \\myserver

(or get psshutdown from sysinternals.com)
If it doesn't 'see' a network, you should have the option to log on with cached credentials...
0
 

Expert Comment

by:fluidsmgmt
Comment Utility
It sounds like to me your trying to log onto the server as a user that is not a domain admin.

You MUST use the domain Administrator account to log onto a DC, or at least a user that is in the domain admin group.

Non domain admins can not "Log on locally" to a domain controller.

What account are you using to log on?
0
 
LVL 67

Expert Comment

by:sirbounty
Comment Utility
To add to that - server operator group members may also log in locally.
But honestly, I don't think you would recieve the "no domain controller" error  - you'd get the "user does not have the log on locally permission" error...
0
 

Expert Comment

by:fluidsmgmt
Comment Utility
When you installed Active Directory, you should have been asked what you want the administrator password to be.

Login as administrator with that password.
0
 

Expert Comment

by:fluidsmgmt
Comment Utility
SirBounty is correct.. but it doesn't sound like ANYTHING has been done in AD Users and Groups.  Logged in as normal local account - install AD, then reboot.

I agree the no domain controller error is interesting.

Makes me think that DNS was not also installed on the same box, and during AD install, you said don't install DNS.
0
 
LVL 6

Expert Comment

by:Casca1
Comment Utility
Ya know, the DNS sounds right. What kind of DNS servers you using?
0

Featured Post

Comprehensive Backup Solutions for Microsoft

Acronis protects the complete Microsoft technology stack: Windows Server, Windows PC, laptop and Surface data; Microsoft business applications; Microsoft Hyper-V; Azure VMs; Microsoft Windows Server 2016; Microsoft Exchange 2016 and SQL Server 2016.

Join & Write a Comment

Preface Having the need * to contact many different companies with different infrastructures * do remote maintenance in their network required us to implement a more flexible routing solution. As RAS, PPTP, L2TP and VPN Client connections are no…
I guess it is not common knowledge to most Wintel engineers/administrators: If you have an SNMP-based monitoring system in your environment (and it's common to have SNMP or Syslog) it's reasonably easy to enable monitoring of the Windows Event logs,…
Internet Business Fax to Email Made Easy - With eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, fr…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

744 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now