I have an urgent problem.
"The local policy of this system does not permit you to logon interactivley"
Most if not all computers on my 2003 Domain controller are not allowing users to logon (the administrator can logon to any
client) The below SID numbers are showing in the local polices "Administrative Tools/Local Security Policy. Expand Local
Policies and click on User Rights Assignment. Double click on the 'Log on locally' right" instead of DOMAIN\GROUP as normal on
the XP clients. The buttons for adding etc are greyed and the SID's are also listed for example as *S-1-5-32-548
Name: Account Operators
Description: A built-in group that exists only on domain controllers. By default, the group has no members. By default, Account
Operators have permission to create, modify, and delete accounts for users, groups, and computers in all containers and
organizational units of Active Directory except the Builtin container and the Domain Controllers OU. Account Operators do not
have permission to modify the Administrators and Domain Admins groups, nor do they have permission to modify the accounts for
members of those groups.
Name: Server Operators
Description: A built-in group that exists only on domain controllers. By default, the group has no members. Server Operators
can log on to a server interactively; create and delete network shares; start and stop services; back up and restore files;
format the hard disk of the computer; and shut down the computer.
Name: Print Operators
Description: A built-in group that exists only on domain controllers. By default, the only member is the Domain Users group.
Print Operators can manage printers and document queues.
The issue occured in two different aspects and i do beleive it was total foolishness on my part that caused this error.
Please Help ASAP.