The user has not been granted the requested logon type at this computer when accessing a network share

I currently have a server (windows 2003 R2, sp2, server role = file server) with several shares on them. Users will be accessing these shares remotely from their desktops (windows XP prof).  However, when Im in the Local Security Settings on this server (that has the shares on it) I noticed that the following user right assignments are disabled: 1) Access this computer from the network; 2) Allow log on locally and 3) Enable computer & user accounts to be trusted for delegation.  Im guessing these are disabled because these are set at the DC under Default Domain Security Settings.  However, I want to make this server available so users can access the shares across the network on this server.  While doing a test the only way to do it is to put a user in the administrators group of this server  which I dont want to do.  How can I have a user access this server shares across the network without getting the following error message of The user has not been granted the requested logon type at this computer.  Is it a matter of going on the DC under Default Domain Security settings and changing the user right assignment by adding the desired group or everyone?  I was thinking if I made the change there that would be for all servers in that domain.  I was just hoping to make the change for this one server without affecting all the servers in the domain that this server happening to be in.  I hope I have explained this clearly.  Thanks