Improve company productivity with a Business Account.Sign Up

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 874
  • Last Modified:

Unable to Logon Locally using domain Admin account

Hi,
Could someone guide me on this issue. We have a windows 2000 DC and another server running win"K with exchagne server 2K installed on it. When I try to log on to this second server locally using a domain admin account it does not allow me. But when i try to do so using another account which also has domain admin privilliges, it does log me on.
Just wondering what causes this issue?

Please advice.....

Regards,
Naga.
0
nvrkakarla
Asked:
nvrkakarla
3 Solutions
 
Sinder255248Commented:
It could be that it's your first account is denied access in the RDP protocol, Administrative Tools -->  Terminal services config -->  Right click RDP -->  Properties --> Permissions Tab.

Or it could be in group policy -->  Comp Config --> Windows settings -->  Security --> Local Policies -->  User rights assignments

Check these policies under the above location:

Allow logon locally
Allow logon through terminal services
Deny logon locally
Deny logon through terminal services
0
 
nvrkakarlaAuthor Commented:
Hi Sinder,
thanks for your reply.
Just like to add to my question that this first account does allow me to logon using remote desktop, but when i use the same to logon locall on the server, it denies me!

pleae advice...

Regards,
Naga.
0
 
ms-proCommented:
To permit users to log on locally to a domain controller
1.
 Open Domain Controller Security Policy.
 
2.
 In the console tree, click User Rights Assignment.
 
3.
 In the details pane, double-click Allow log on locally.
 
4.
 If this security setting has not yet been defined, select the Define these policy settings check box, and click Add User or Group.
 
5.
 In Add user or group, specify the user or group who will be granted permission to log on locally, and then click OK twice.

http://www.experts-exchange.com/OS/Microsoft_Operating_Systems/Server/2003_Server/Q_23460418.html
0
 
Henrik JohanssonSystems engineerCommented:
As you can log on through RDP to the Exchange server, it's a problem with the right to logon locally on that computer.
The user rights assignment for allow or deny logging on locally has been defined in the local security policy (gpedit.msc) on the Exchange server or in a GPO linked to the OU-structure containing the Exchange server. If listed as deny, it will override the allow permission.
Run rsop.msc to see what policy is defining the user right. Expand Computer Configuration\Windows Settings\Security Settings\Local Policies\User Rights Assignment
* Allow log on locally
* Deny log on locally
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

The 14th Annual Expert Award Winners

The results are in! Meet the top members of our 2017 Expert Awards. Congratulations to all who qualified!

Tackle projects and never again get stuck behind a technical roadblock.
Join Now