Solved

Getting error the logon n method you are using is not allowed on this computer

Posted on 2016-07-21
6
61 Views
Last Modified: 2016-07-26
Ok I have posted a similar problem, in this site recently.  I added a test user to my group policy to deny access to a specific computer on a computer workstation.  I got it to work so that I would get the following error message when I tried to log on to that account

Getting error the signin method you're trying to use isn't allowed.

Once I tested this.  I removed it from the policy and now the policy is not defined.  However I am still not apple to logon to the computer using the test user.  I can logon as any other user, but that one.

I have done a gpupdate on the server, restarted the server and I also have done a gpupdate /force on the workstation computer.  I have also tried restartimg the workstation computer but nothing seems to work.

Any ideas?  
Using windows server 2012 r2
0
Comment
Question by:MomForLife
  • 4
  • 2
6 Comments
 

Author Comment

by:MomForLife
ID: 41724131
Just adding a bit more to this.  I logged in to a working user on that workstation and opened up task manager.  when I check to see users, My test user is listed as being disconnected.
0
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
ID: 41724208
I tried to find the similar question you say you posted to find out what exactly you did for the group policy -- but couldn't find it.

The reason I wanted to see that is because some policies get "tattooed" into the registry and cannot be reversed by simply disabling the policy.

You can read more about this here:
https://www.experts-exchange.com/questions/27724014/Windwos-2008-Group-Policies-Prevent-Tattooing.html
0
 

Author Comment

by:MomForLife
ID: 41724539
Okay briefly read up on tattooing.  The entry was made in a gpo I created, linked and enforced.   The policy is under the computer setting, security settings, local policy, deny local logon (something like that).

I had company,  where they have have gone into the Default Domain Policy and actually changed the allow local logon, and the users listed here are the only ones that can login.  I also removed them, did gpupdate on server and did a gpupdate /force on the workstation computer that is joined to the domain.  , however I am still not able to login with other AD users on this workstation.  

This is why i was doing some testing using the deny local.  Just wanted to see if it would give me the same error.
0
Is Your AD Toolbox Looking More Like a Toybox?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

 
LVL 74

Accepted Solution

by:
Jeffrey Kane - TechSoEasy earned 500 total points
ID: 41726498
however I am still not able to login with other AD users on this workstation.  

AH... I'm sorry I missed that specific detail from your initial question.

You can only log into a workstation with user accounts which are listed in the local USERS group of that computer.  Usually you would add the "Domain Users" or "Authenticated Users" security group to the local USERS group to allow for this.

Domain Users is added by default when the computer is joined to the domain.  But it may have been removed, so check that out.
0
 

Author Comment

by:MomForLife
ID: 41730399
Thank you Jeffrey Kane
0
 

Author Closing Comment

by:MomForLife
ID: 41730502
Thank you.
0

Featured Post

3 Use Cases for Connected Systems

Our Dev teams are like yours. They’re continually cranking out code for new features/bugs fixes, testing, deploying, testing some more, responding to production monitoring events and more. It’s complex. So, we thought you’d like to see what’s working for us.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Cannot connect to Windows 2012 R2 via netbios name 16 24
Protect recipient mailboxes 2 42
Lost admin password windows server 2012r2 9 66
Network share lockout 5 15
Both MMF (multi-mode fiber) and SMF (single-mode fiber) are types of optical fiber that can aid in communication applications. These thin strands of silica or glass will allow communication to occur between devices. The transmission of light between…
You may have a outside contractor who comes in once a week or seasonal to do some work in your office but you only want to give him access to the programs and files he needs and keep privet all other documents and programs, can you do this on a loca…
In this Micro Tutorial viewers will learn how they can get their files copied out from their unbootable system without need to use recovery services. As an example non-bootable Windows 2012R2 installation is used which has boot problems.
This tutorial will walk an individual through the process of configuring basic necessities in order to use the 2010 version of Data Protection Manager. These include storage, agents, and protection jobs. Launch Data Protection Manager from the deskt…

813 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now