Web application being stopped by Server 2003 permissions issue

We are having an issue with a newly installed application that uses Pervasive SQL and IIS to run a browser based HR portal for our employees.  The application is installed on a domain server and it uses Active Directory user logins to authenticate the browser logon.   The users access a specific web page (running on our server) and logon as follows:

DomainName\Username and then enter a password.  

Everything works fine as long as the user is a member of the Administrators group.   However, as soon as we remove the user from the Administrators group and make them a member of the domain users group they can no longer log in and they receive a "Login Failed" error.  

The company who designed the HR portal (Municipal Accounting) has tested it thoroughly and stated that it is something on our end.  The evidence that they use to back this up is that they say that they cannot use remote desktop and log on locally as any standard user even if they give the standard user access rights to logon to the server as a remote desktop user.

Therefore, they are saying that since a standard user cannot log on locally to the server as a remote desktop user, we must have permissions issues on our server.

They may be right to some extent, but we certainly should not need to allow users remote access rights to connect to the server.  However, they may be correct in that it appears to me that the web based logon is going to require users to have permissions to logon to the server locally.

This company assures me that the app is working in other places and that the problem is on our end.  If anyone has any ideas it would be greatly appreciated.  
darcher17Asked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

SirDragonCommented:
It does sound like a rights issue.  
What are the rights assigned to IIS?  Have you tried to turn on Anonymous logon?  
or integrated windows authentication?

Is this server a domain controller?  
What are the rights for interactive logon to the server?  
I am sorry for all the questions, but it's hard to weed through without a visual.  
0
darcher17Author Commented:
I actually resolved this one myself.  I am not really happy about the way their software works, but it appears that I have to give users the right to logon locally.  

So I added the users to a specific group and then gave this group the right to "Log on Locally" through the Domain Controller Security Policy.  

Thanks for the help!
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Microsoft Server OS

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.