Solved

group policy - cannot change deny logon on locally list

Posted on 2006-12-01
5
1,681 Views
Last Modified: 2011-10-03
Hello,

I have a situation where a user is on the list to deny local logon and I want to remove him from this list. But when I go into the Deny log on locally settings the Add and Remove buttons are grayed out. Is there a reason why these buttons would be grayed out?

We use two Windows Server 2003 domain controllers with exchange server 2003, both are being used as a global catalogue.

Please help!

Thank you in advance,
Willi
0
Comment
Question by:daywilli
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
5 Comments
 
LVL 38

Expert Comment

by:Hypercat (Deb)
ID: 18055608
Where are you trying to change the settings - locally on the workstation, or at the domain level?  If locally at the workstation, are you logging on with a user ID that has administrative rights to the workstation?  If so, and it's still greyed out, then there must be some other group policy at a higher level (i.e., OU or domain) that is overriding the local setting.

Hope this helps!
0
 

Author Comment

by:daywilli
ID: 18056130

Thank you for your quick response.

Being logged in as a user with administrative privileges I would RUN gpedit.msc and try to change the deny access settings. The buttons are still grayed out so maybe a better question would be if I am opening the gpeditor at the domain level and if not how is that done?

BTW, what are the differences between opening the group policy editor at a domain level and local level being on the domain controller?

Thanks
0
 
LVL 38

Expert Comment

by:Hypercat (Deb)
ID: 18056224
The Local Security Policy management console that you open from the Administrative Tools menu on a workstation or member server, or that runs on a workstation when you run gpedit.msc, applies only to that computer.  It is overridden by any settings in the Domain Security Policy.  You can only open the Domain Security Policy console from a domain controller or other computer running the domain admin tools.  This Domain Security policy is domain-wide and any settings here will override settings in the Local Security Policy. It also has settings that are not available from the local security policy. Items that are greyed out in the local policy usually indicate that there is a setting at the domain level that's overriding it.  

Hope this helps!
0
 

Author Comment

by:daywilli
ID: 18068567
Hypercat,

I got ya. By opening gpedit through a tool such as AD users and computers and then opening the properties from the DC container I have access to change this list.

Issue solved. Thank you!
0
 
LVL 38

Accepted Solution

by:
Hypercat (Deb) earned 125 total points
ID: 18069159
Great! Glad I could help.

Deb
0

Featured Post

Optimizing Cloud Backup for Low Bandwidth

With cloud storage prices going down a growing number of SMBs start to use it for backup storage. Unfortunately, business data volume rarely fits the average Internet speed. This article provides an overview of main Internet speed challenges and reveals backup best practices.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Organizations create, modify, and maintain huge amounts of data to help their businesses earn money and generally function.  Typically every network user within an organization has a bit of disk space to store in process items and personal files.   …
A quick step-by-step overview of installing and configuring Carbonite Server Backup.
NetCrunch network monitor is a highly extensive platform for network monitoring and alert generation. In this video you'll see a live demo of NetCrunch with most notable features explained in a walk-through manner. You'll also get to know the philos…
If you’ve ever visited a web page and noticed a cool font that you really liked the look of, but couldn’t figure out which font it was so that you could use it for your own work, then this video is for you! In this Micro Tutorial, you'll learn yo…

728 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question