Solved

you cannot login because the login method you are using is not allowed on this computer

Posted on 2010-08-12
7
1,691 Views
Last Modified: 2012-05-10
I just built a new Windows 7 computer and added it to our domain.  I can login fine using laspca\administrator.  If I try another user I get "you cannot login because the login method you are using is not allowed on this computer".  If I manually add the user I can login as them.
I've added several windows 7 computers to our domain and never have I gotten this error.
0
Comment
Question by:J.R. Sitman
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
7 Comments
 
LVL 3

Accepted Solution

by:
Commandosk earned 250 total points
ID: 33424247
Maybe the domain policy allows domain users to logon locally, but the local policy doesn't and the domain policy doesn't apply to the computer. The fix is running gpupdate to force to update the domain policy.

Norton Firewall blocks the communication between the client and domain controller. The solution is disabling Norton firewall or re-configuring it to allow to access the domain controller.

Also try to check this:
1. run gpedit.msc
2. Accept the elevation dialog
3. Expand Windows Settings\Security Settings\Local Policies
4. Click on User Rights Assignment
5. Ensure that "Deny log on locally" is empty
6. Ensure that "Allow log on locally" includes Administrators, Backup
Operators, Guests, and Users
0
 
LVL 10

Expert Comment

by:Wolfhere
ID: 33424259
I recently had the same issue on a new HP. The HP Protect Tools Client Security Solutions supposedly makes signon transparent. But does not allow login by anyone else unless manually added. I removed all the HP Protection suite and no longer have the issue.
0
 

Author Comment

by:J.R. Sitman
ID: 33425155
Very interesting.  I opened the Allow log on locally and it includes a user who has never logged on to the computer since I rebuilt it.  The HD crashed so I deleted the computer from the domain, built the new HD and added it back to the domain.  Is that a problem?  It shouldn't be because I'v e done it once or twice before.  I even deleted it from DSN and DHCP before I added it back in.
It also will not let me add new users like "Everyone"
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 24

Expert Comment

by:Awinish
ID: 33426906
0
 

Author Closing Comment

by:J.R. Sitman
ID: 33428834
I couldn't change the setting on the computer so I made a GPO and it fixed the problem.

Thanks
0
 
LVL 1

Expert Comment

by:sfadmin
ID: 33854384
hi there,

I am having the same problem with a dell laptop that I just took out the box. The laptop has been joined to the domain, and the network admin account can login, but no network user accounts can. I am trying to edit the "allow log on locally" gp entry but cannot as the "add user or group" button and the "remove" buttons are both greyed out. I am logged in with admin rights and have the option to change any other gp entry but not the one I need. Any ideas?
0
 

Author Comment

by:J.R. Sitman
ID: 33854871
I'm not an Expert but try making a GPO.
0

Featured Post

Are your AD admin tools letting you down?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article describes my battle tested process for setting up delegation. I use this process anywhere that I need to setup delegation. In the article I will show how it applies to Active Directory
Had a business requirement to store the mobile number in an environmental variable. This is just a quick article on how this was done.
The Task Scheduler is a powerful tool that is built into Windows. It allows you to schedule tasks (actions) on a recurring basis, such as hourly, daily, weekly, monthly, at log on, at startup, on idle, etc. This video Micro Tutorial is a brief intro…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question