Solved

How can I change the group policy (or security) settings that will allow servers to be logged onto using the local administrator account?

Posted on 2011-03-16
7
293 Views
Last Modified: 2012-05-11
How can I change the group policy (or security) settings that will allow Server 2003 servers to be logged onto using the local administrator account?

Currently whenever I click on the drop down arrow next to the Log on to field, the only option that displays is the Domain name. I don't have the option to logon to the server using a local administrator account.

Also, whenever I open local computer management, I don't have the option to view the local computer accounts or to change the passwords on any of the local computer accounts.
computer-management.png
0
Comment
Question by:Knowledgeable
7 Comments
 
LVL 4

Accepted Solution

by:
pamiken earned 100 total points
ID: 35151759
Is the server a domain controller??  

Domain Controllers don't have local administrator accounts.
0
 
LVL 4

Assisted Solution

by:bitla
bitla earned 100 total points
ID: 35151785
Do you mean you want to logon to server 2003 using local administrative account or domain user account?

If you want a user (domain or local user) to logon to server, you need to set user to allow logon locally

http://technet.microsoft.com/en-us/library/cc756809%28WS.10%29.aspx
0
 

Author Comment

by:Knowledgeable
ID: 35152200
No, these servers in question are not domain controllers.
0
Comprehensive Backup Solutions for Microsoft

Acronis protects the complete Microsoft technology stack: Windows Server, Windows PC, laptop and Surface data; Microsoft business applications; Microsoft Hyper-V; Azure VMs; Microsoft Windows Server 2016; Microsoft Exchange 2016 and SQL Server 2016.

 
LVL 12

Assisted Solution

by:Navdeep
Navdeep earned 300 total points
ID: 35154698
If that's not domain controller then you will see local accounts and groups
On DC  you don't get local admin and account

also can you do \\sysvol, i believe if you don't see local computer management and account then that box will be a dc

anyways to logon to the local system which is not a dc use the following syntax
hostname\username
password
0
 
LVL 12

Assisted Solution

by:Navdeep
Navdeep earned 300 total points
ID: 35154787
Also on DC SAM gets disabled and the only way that you can login is using DRSM user name and password in DSRM mode.
0
 

Author Comment

by:Knowledgeable
ID: 35156734
It turns out that these two servers used to be domain controllers, but now they have been demoted to being member servers.

What do I need to do to make it so that they can be logged onto using local usernames?
0
 
LVL 12

Assisted Solution

by:Navdeep
Navdeep earned 300 total points
ID: 35157057
Ok if they were DC, were they demoted gracefully?

check in AD sites and Services if you see them under servers.

do you see them in ADUC under domain controllers container

Perform a meta data cleanup if required

0

Featured Post

Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Restrict access to Active Directory Users and Computers 9 53
Convert On-prem 365 users to cloud only 3 20
Replication problems 6 21
Power shell 4 28
Is your Office 365 signature not working the way you want it to? Are signature updates taking up too much of your time? Let's run through the most common problems that an IT administrator can encounter when dealing with Office 365 email signatures.
In this article, I am going to show you how to simulate a multi-site Lab environment on a single Hyper-V host. I use this method successfully in my own lab to simulate three fully routed global AD Sites on a Windows 10 Hyper-V host.
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …

860 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question