Group Policy Issue/Active Directory

I am having trouble adding a new user to my system and having them be able to log on...

I have a server which is my active directory server.  On that box, I used "Active Directory Users and Computers" to add the new person.

On a second server that hosts IIS, I setup a site that uses windows authentication  When I try and enter the credentials for the new user, the logon fails with "401 - Unauthorized: Access is denied due to invalid credentials.".  Other users which have been previously created work fine.

When I go to group policy object editor, and drill down to "Local computer Policy\computer configuration\windows settings\security settings\Local policies\User rights assignments", I see that the setting "Access this computer from the network" does not have the new user included.  When I try and add the user, the "add user or group" button is greyed out.  Other users that can successfully log on are included in this list, so I think this is the problem.  How to I add the new person to that list?  Why Grayed out?

I have tried synching ad using "gpupdate /force".  I have tried rebooting both servers.  What am I missing?

The AD server is running W2008, the Web server is running W2012.

Also, I can log on to the server using remote desktop using the new users credentials.
No1CoderAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

sumeshbnrCommented:
Grayed out may be means you have added domain users already.Set the web directory permission settings add the newly created user there
0
Life1430Commented:
check the permissions in IIS
0
No1CoderAuthor Commented:
I added full access or that specific user to the drive where the web sites exist.  It didn't help.  Not sure what else to try.

Also, I confirmed that when I try an log on using FTP to that server, I get "User cannot log in" error.
0
No1CoderAuthor Commented:
Does anyone know how to add users to the "Access this computer from the network" when the button is greyed out?

This is not in the help, and I can't fine anything on web.
0
SandeshdubeySenior Server EngineerCommented:
This indicates that GPO is configured and hence the option is grayed you need to login to DC and open GPMC console and edit the policy in question may be it is default domain policy template.

You can run rsop on the server in question it will list the policy which has 'Access this computer from the network'.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Microsoft Legacy OS

From novice to tech pro — start learning today.