Solved

The local policy of this system does not permit you to logon interactively

Posted on 2006-07-11
6
557 Views
Last Modified: 2010-04-13
Hi,

I have a W2K pro workstation that cannot logon with the Administrator account. It has joined a domain of an Win 2000 SBS server and no matter if I try to logon with the "Administrator" on this computer or "Administrator" account on the domain, it still gives "The local policy of this system does not permit you to logon interactively".

The W2K workstation uses FAT32 partition.  I have installed another W2K Pro O/S on the same computer in a different directory and I have tried copying the normal secedit.sdb from the new installation to the old one. And I have tried deleting the SAM file so that it would generate a new one. But the message, that I keep getting is "The local policy of this system does not permit you to logon interactively".

Is there a way that I can open the local policy file on the old installation to check what's the matter?

Thanks.

Peter
0
Comment
Question by:billyboy71
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
6 Comments
 
LVL 9

Expert Comment

by:dooleydog
ID: 17080638
Once you join the domain, you will need to use the domain administrator password. In addition, you can add most any user account to the list of users who can log on locally.

This is in Group Policy, - this link is for 2003, but it should be the same in 2000.

http://support.microsoft.com/default.aspx?scid=kb;en-us;323076

Good Luck,

0
 
LVL 26

Expert Comment

by:Pber
ID: 17081708
You need to set the policy for this user or group to logon locally.  

This can be done a few different ways:

This can be done by setting up a GPO and assigning it to the OU that the computer belongs to.

It can also be done by loading the local computer policy on the w2kpro machine if you can logon locally.
... or remotely by typing:

Gpedit.msc /gpcomputer:<machine name>

Unlimately whichever way you apply the policy, configuring it is the same in all cases ablve... Navigate to:
Computer Configuration\Windows Settings\Security Settings\Local Policies\User Rights Assignments

In the field "Log On Locally", Grant the users/group you want to logon locally.
Reboot workstation and logon.
0
 

Author Comment

by:billyboy71
ID: 17083013
What is an OU?

I tried to using the Domain Controller to access the computer "test1".  It works, when I type gpedit.msc /gpcomputer: test1, but when I try to go the path that you talk about , it does not work.

I can get as far as Security Settings and when I am there I only see "IPsecuritypolicy on \\test1" .

Any other suggestions?

Thanks.
0
 

Author Comment

by:billyboy71
ID: 17096994
I found out the problem.  It turns out that my server, the Domain Controller had a setting under  "Logon Locally" in the the "Domain Security Policy". The setting was only for one particular user and the Administrators group was not added in there. There were 2 ways to solve the problem

1. Add the Administrators group to "Logon Locally"

2. Set "Logon Locally" to undefined.

Thanks for the suggestions. It helped me lead up to the resolution.

Peter
0
 

Accepted Solution

by:
ee_ai_construct earned 0 total points
ID: 17306407
PAQ / Refund
ee ai construct, community support moderator
0

Featured Post

Back Up Your Microsoft Windows Server®

Back up all your Microsoft Windows Server – on-premises, in remote locations, in private and hybrid clouds. Your entire Windows Server will be backed up in one easy step with patented, block-level disk imaging. We achieve RTOs (recovery time objectives) as low as 15 seconds.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
With the rising number of cyber attacks in recent years, keeping your personal data safe has become more important than ever. The tips outlined in this article will help you keep your identitfy safe.
In this video we outline the Physical Segments view of NetCrunch network monitor. By following this brief how-to video, you will be able to learn how NetCrunch visualizes your network, how granular is the information collected, as well as where to f…
In this brief tutorial Pawel from AdRem Software explains how you can quickly find out which services are running on your network, or what are the IP addresses of servers responsible for each service. Software used is freeware NetCrunch Tools (https…

615 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question