Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 302
  • Last Modified:

How can I change the group policy (or security) settings that will allow servers to be logged onto using the local administrator account?

How can I change the group policy (or security) settings that will allow Server 2003 servers to be logged onto using the local administrator account?

Currently whenever I click on the drop down arrow next to the Log on to field, the only option that displays is the Domain name. I don't have the option to logon to the server using a local administrator account.

Also, whenever I open local computer management, I don't have the option to view the local computer accounts or to change the passwords on any of the local computer accounts.
5 Solutions
Is the server a domain controller??  

Domain Controllers don't have local administrator accounts.
Do you mean you want to logon to server 2003 using local administrative account or domain user account?

If you want a user (domain or local user) to logon to server, you need to set user to allow logon locally

KnowledgeableNetwork EngineerAuthor Commented:
No, these servers in question are not domain controllers.
Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

If that's not domain controller then you will see local accounts and groups
On DC  you don't get local admin and account

also can you do \\sysvol, i believe if you don't see local computer management and account then that box will be a dc

anyways to logon to the local system which is not a dc use the following syntax
Also on DC SAM gets disabled and the only way that you can login is using DRSM user name and password in DSRM mode.
KnowledgeableNetwork EngineerAuthor Commented:
It turns out that these two servers used to be domain controllers, but now they have been demoted to being member servers.

What do I need to do to make it so that they can be logged onto using local usernames?
Ok if they were DC, were they demoted gracefully?

check in AD sites and Services if you see them under servers.

do you see them in ADUC under domain controllers container

Perform a meta data cleanup if required


Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Tackle projects and never again get stuck behind a technical roadblock.
Join Now