Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

you cannot login because the login method you are using is not allowed on this computer

Posted on 2010-08-12
7
Medium Priority
?
1,706 Views
Last Modified: 2012-05-10
I just built a new Windows 7 computer and added it to our domain.  I can login fine using laspca\administrator.  If I try another user I get "you cannot login because the login method you are using is not allowed on this computer".  If I manually add the user I can login as them.
I've added several windows 7 computers to our domain and never have I gotten this error.
0
Comment
Question by:J.R. Sitman
7 Comments
 
LVL 3

Accepted Solution

by:
Commandosk earned 1000 total points
ID: 33424247
Maybe the domain policy allows domain users to logon locally, but the local policy doesn't and the domain policy doesn't apply to the computer. The fix is running gpupdate to force to update the domain policy.

Norton Firewall blocks the communication between the client and domain controller. The solution is disabling Norton firewall or re-configuring it to allow to access the domain controller.

Also try to check this:
1. run gpedit.msc
2. Accept the elevation dialog
3. Expand Windows Settings\Security Settings\Local Policies
4. Click on User Rights Assignment
5. Ensure that "Deny log on locally" is empty
6. Ensure that "Allow log on locally" includes Administrators, Backup
Operators, Guests, and Users
0
 
LVL 10

Expert Comment

by:Wolfhere
ID: 33424259
I recently had the same issue on a new HP. The HP Protect Tools Client Security Solutions supposedly makes signon transparent. But does not allow login by anyone else unless manually added. I removed all the HP Protection suite and no longer have the issue.
0
 

Author Comment

by:J.R. Sitman
ID: 33425155
Very interesting.  I opened the Allow log on locally and it includes a user who has never logged on to the computer since I rebuilt it.  The HD crashed so I deleted the computer from the domain, built the new HD and added it back to the domain.  Is that a problem?  It shouldn't be because I'v e done it once or twice before.  I even deleted it from DSN and DHCP before I added it back in.
It also will not let me add new users like "Everyone"
0
Free learning courses: Active Directory Deep Dive

Get a firm grasp on your IT environment when you learn Active Directory best practices with Veeam! Watch all, or choose any amount, of this three-part webinar series to improve your skills. From the basics to virtualization and backup, we got you covered.

 
LVL 24

Expert Comment

by:Awinish
ID: 33426906
0
 

Author Closing Comment

by:J.R. Sitman
ID: 33428834
I couldn't change the setting on the computer so I made a GPO and it fixed the problem.

Thanks
0
 
LVL 1

Expert Comment

by:sfadmin
ID: 33854384
hi there,

I am having the same problem with a dell laptop that I just took out the box. The laptop has been joined to the domain, and the network admin account can login, but no network user accounts can. I am trying to edit the "allow log on locally" gp entry but cannot as the "add user or group" button and the "remove" buttons are both greyed out. I am logged in with admin rights and have the option to change any other gp entry but not the one I need. Any ideas?
0
 

Author Comment

by:J.R. Sitman
ID: 33854871
I'm not an Expert but try making a GPO.
0

Featured Post

Ask an Anonymous Question!

Don't feel intimidated by what you don't know. Ask your question anonymously. It's easy! Learn more and upgrade.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Uncontrolled local administrators groups within any organization pose a huge security risk. Because these groups are locally managed it becomes difficult to audit and maintain them.
Unable to change the program that handles the scan event from a network attached Canon/Brother printer/scanner. This means you'll always have to choose which program handles this action, e.g. ControlCenter4 (in the case of a Brother).
The viewer will learn how to successfully create a multiboot device using the SARDU utility on Windows 7. Start the SARDU utility: Change the image directory to wherever you store your ISOs, this will prevent you from having 2 copies of an ISO wit…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
Suggested Courses

877 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question