Solved

the local policy of this system does not allow you to log on interactively :Server Standard 2003

Posted on 2010-09-02
7
416 Views
Last Modified: 2013-12-04
I am having an issue where any new user I create on Server Standard 2003 gets the error "the local policy of this system does not allow you to log on interactively" when they try to logon locally.

I compared group memberships with accounts that work correctly and they are the same. I verified that the default domain policy has the logon locally setting as not defined. However even when I do define it for "everyone" they still cannot logon.

The only workaround for this seems to be if I add the user as a domain admin.
0
Comment
Question by:Nathaniel_ScrivNET
7 Comments
 
LVL 14

Expert Comment

by:Wonko_the_Sane
ID: 33590693
Just to clarify: Logon locally = they are stting in front of the server? Or are they using RDP to connect?
0
 
LVL 7

Expert Comment

by:jamie_gillespie
ID: 33590721
Go to computer management on the Server and add the user into the appropriate local groups manually.

If you need further help with this let me know.
0
 
LVL 3

Expert Comment

by:sbo2002
ID: 33590746
Are these Terminal Services sessions? Have you verified that the users are members of the Remote Desktop Users security group on the server in question? Also verify that the Remote Desktop Users group has the "Allow Logon through Terminal Services" right.

Computer Configuration > Windows Settings > Security Settings > Local Policies > User Rights Assignment
0
Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

 

Author Comment

by:Nathaniel_ScrivNET
ID: 33596294
@Jaime
This is a domain. The accounts in question are domain accounts. They cannot logon to their domain profile at their machine.

@sbo2002
No these are local logins to domain profiles. .

@Wonko_the_Sane
They are at their workstation.


I have accounts that are already established that work fine. This is happening with any new accounts I create.
0
 
LVL 3

Expert Comment

by:Tommy_Cooper
ID: 33597037
Check your GPO for allowing local logon:
Computer Configuration > Windows Settings > Security Settings > Local Policies > User Rights Assignment > Allow logon locally

Or maybe you have set:
Computer Configuration > Windows Settings > Security Settings > Local Policies > User Rights Assignment > Deny logon locally

Check GPOs and local security policy on the workstations.
0
 

Expert Comment

by:Techguy23
ID: 33598305
Depending on your security policies you can make them a local administrator of their own machines which should give them the appropriate permissions to log on and manage their pc.
0
 

Accepted Solution

by:
Nathaniel_ScrivNET earned 0 total points
ID: 33658691
I figured it out, my employee gave me the wrong information. Thank you for your help/
0

Featured Post

Optimizing Cloud Backup for Low Bandwidth

With cloud storage prices going down a growing number of SMBs start to use it for backup storage. Unfortunately, business data volume rarely fits the average Internet speed. This article provides an overview of main Internet speed challenges and reveals backup best practices.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

In this article, we will see the basic design consideration while designing a Multi-tenant web application in a simple manner. Though, many frameworks are available in the market to develop a multi - tenant application, but do they provide data, cod…
This article shows how to deploy dynamic backgrounds to computers depending on the aspect ratio of display
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

776 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question