snurd3
asked on
Not permitted to logon interactively.
This is a problem that turns up periodically. I have it right now. I have one Windows XP machine which does not allow users to logon interactively (except the administrator). The machine is on a Windows 2K server network. They are not in the deny logon locally group and, on the Domain Controller, they are in the Allow local logon group. I have used the Windows resource kit application NTrights to specifically allow the SeInteractiveLogonRight for this user. I get a message that this right has been set successfully. The machine allows the user to logon once. Then it will not allow the user to logon again.
I have seen Windows 2K workstations do this repeatedly, but never an XP workstation. I just don't seem to be able to find anything on this.
I read something about an interactive logon group in another post, but can't find that group anywhere.
Any help would be appreciated.
I have seen Windows 2K workstations do this repeatedly, but never an XP workstation. I just don't seem to be able to find anything on this.
I read something about an interactive logon group in another post, but can't find that group anywhere.
Any help would be appreciated.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
--------
you need to check whether the same user gets the message on the the Xp w/s.
you could run the gpresult for the user.
usually the message that " the local policy of the system prevents you from logging on interactively" could very well mean that the policy is either getting applied somewhere or is getting overwritten, on xp you could run the RSOP.msc to find the resultant set of policies.
the policy get applied in this order
local.
site.
domain
OU.
since the user logs in to the domain check the DC policy as well.check whether there are any policies affecting this user.
--------------------------