• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1708
  • Last Modified:

you cannot login because the login method you are using is not allowed on this computer

I just built a new Windows 7 computer and added it to our domain.  I can login fine using laspca\administrator.  If I try another user I get "you cannot login because the login method you are using is not allowed on this computer".  If I manually add the user I can login as them.
I've added several windows 7 computers to our domain and never have I gotten this error.
0
J.R. Sitman
Asked:
J.R. Sitman
1 Solution
 
CommandoskCommented:
Maybe the domain policy allows domain users to logon locally, but the local policy doesn't and the domain policy doesn't apply to the computer. The fix is running gpupdate to force to update the domain policy.

Norton Firewall blocks the communication between the client and domain controller. The solution is disabling Norton firewall or re-configuring it to allow to access the domain controller.

Also try to check this:
1. run gpedit.msc
2. Accept the elevation dialog
3. Expand Windows Settings\Security Settings\Local Policies
4. Click on User Rights Assignment
5. Ensure that "Deny log on locally" is empty
6. Ensure that "Allow log on locally" includes Administrators, Backup
Operators, Guests, and Users
0
 
WolfhereCommented:
I recently had the same issue on a new HP. The HP Protect Tools Client Security Solutions supposedly makes signon transparent. But does not allow login by anyone else unless manually added. I removed all the HP Protection suite and no longer have the issue.
0
 
J.R. SitmanAuthor Commented:
Very interesting.  I opened the Allow log on locally and it includes a user who has never logged on to the computer since I rebuilt it.  The HD crashed so I deleted the computer from the domain, built the new HD and added it back to the domain.  Is that a problem?  It shouldn't be because I'v e done it once or twice before.  I even deleted it from DSN and DHCP before I added it back in.
It also will not let me add new users like "Everyone"
0
Making Bulk Changes to Active Directory

Watch this video to see how easy it is to make mass changes to Active Directory from an external text file without using complicated scripts.

 
AwinishCommented:
0
 
J.R. SitmanAuthor Commented:
I couldn't change the setting on the computer so I made a GPO and it fixed the problem.

Thanks
0
 
sfadminCommented:
hi there,

I am having the same problem with a dell laptop that I just took out the box. The laptop has been joined to the domain, and the network admin account can login, but no network user accounts can. I am trying to edit the "allow log on locally" gp entry but cannot as the "add user or group" button and the "remove" buttons are both greyed out. I am logged in with admin rights and have the option to change any other gp entry but not the one I need. Any ideas?
0
 
J.R. SitmanAuthor Commented:
I'm not an Expert but try making a GPO.
0

Featured Post

Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now