Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

logon failure user account restrictions on file server

Posted on 2011-03-01
7
Medium Priority
?
1,550 Views
Last Modified: 2012-05-11
I have a file server running windows 2k3 server. and a member server on the domain. my domain controller works fine as a file server. but all users are having problems accessing file and print resources. they get the following error logged on as a domain user.

"logon failure" user account restriction.

possible reasons are blank password not allowed, logon hour restrictions, or a policy restriction is enforced.  

help! its killing me i cannot figure it out.
0
Comment
Question by:SANDDRAGON2004
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
  • 2
7 Comments
 
LVL 10

Expert Comment

by:Owen Rubin
ID: 35011867
Interesting, you answered some of your own question. The official Microsoft answer to this error is:

"The user name, domain, and password were accepted, but then an administrative restriction was encountered, such as the hours you may log on."

They suggest logging on as a different user.  Yea, right!

It seems that you need to edit the user's restrictions on the server to not have restrictions.

Do you see these problems as administrator? If not, then you know the problem. I suspect new users are created with all the same settings, so they all have the same restrictions. Try creating a new user, manually set the restrictions, and see if that user works. If it does, then you need to change user restricitons on each user.
0
 
LVL 9

Expert Comment

by:avilov
ID: 35011918
DC doesn't allow to log on to it regular domain accounts, you need to allow it explicitly. but it'll probably be not a good idea if you are not sure why that is set by default
0
 

Author Comment

by:SANDDRAGON2004
ID: 35012232
domain admin works fine.

user accounts no bueno.
0
VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

 

Author Comment

by:SANDDRAGON2004
ID: 35012246
I can add the same user to the domain admins group it works fine.

the users are members of the users group, and the domain users group. I have applied the domain users and users group the the file share, and to the folder security to no avail.
0
 
LVL 9

Expert Comment

by:avilov
ID: 35012428
You need to give users - Allow Log on Locally user right in the domain controller as well as add them to remote desktop users group. but that is not recommended by best practices
0
 

Author Comment

by:SANDDRAGON2004
ID: 35018883
all logon users can access files and folders on the DC, but not this server. all users are members of the same groups.

0
 
LVL 10

Accepted Solution

by:
Owen Rubin earned 2000 total points
ID: 35020257
So I understand this a bit differently now? Everything else works fine, just not the one server? Are you sure it is properly subscribed to the domain controller and that no additional restrictions are set locally on the server as well? The fact that admin can access but users cannot only on this one server points to security settings on the server itself, and something set to override the DC.
0

Featured Post

Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Ever notice how you can't use a new drive in Windows without having Windows assigning a Disk Signature?  Ever have a signature collision problem (especially with Virtual Machines?)  This article is intended to help you understand what's going on and…
It’s been over a month into 2017, and there is already a sophisticated Gmail phishing email making it rounds. New techniques and tactics, have given hackers a way to authentically impersonate your contacts.How it Works The attack works by targeti…
Windows 8 comes with a dramatically different user interface known as Metro. Notably missing from the new interface is a Start button and Start Menu. Many users do not like it, much preferring the interface of earlier versions — Windows 7, Windows X…
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…

604 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question