Solved

Getting error the logon n method you are using is not allowed on this computer

Posted on 2016-07-21
6
48 Views
Last Modified: 2016-07-26
Ok I have posted a similar problem, in this site recently.  I added a test user to my group policy to deny access to a specific computer on a computer workstation.  I got it to work so that I would get the following error message when I tried to log on to that account

Getting error the signin method you're trying to use isn't allowed.

Once I tested this.  I removed it from the policy and now the policy is not defined.  However I am still not apple to logon to the computer using the test user.  I can logon as any other user, but that one.

I have done a gpupdate on the server, restarted the server and I also have done a gpupdate /force on the workstation computer.  I have also tried restartimg the workstation computer but nothing seems to work.

Any ideas?  
Using windows server 2012 r2
0
Comment
Question by:MomForLife
  • 4
  • 2
6 Comments
 

Author Comment

by:MomForLife
Comment Utility
Just adding a bit more to this.  I logged in to a working user on that workstation and opened up task manager.  when I check to see users, My test user is listed as being disconnected.
0
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
Comment Utility
I tried to find the similar question you say you posted to find out what exactly you did for the group policy -- but couldn't find it.

The reason I wanted to see that is because some policies get "tattooed" into the registry and cannot be reversed by simply disabling the policy.

You can read more about this here:
https://www.experts-exchange.com/questions/27724014/Windwos-2008-Group-Policies-Prevent-Tattooing.html
0
 

Author Comment

by:MomForLife
Comment Utility
Okay briefly read up on tattooing.  The entry was made in a gpo I created, linked and enforced.   The policy is under the computer setting, security settings, local policy, deny local logon (something like that).

I had company,  where they have have gone into the Default Domain Policy and actually changed the allow local logon, and the users listed here are the only ones that can login.  I also removed them, did gpupdate on server and did a gpupdate /force on the workstation computer that is joined to the domain.  , however I am still not able to login with other AD users on this workstation.  

This is why i was doing some testing using the deny local.  Just wanted to see if it would give me the same error.
0
How to Backup Ubuntu to Amazon S3

CloudBerry Backup offers automatic cloud backup and restoration for Linux. It has both GUI and command line interface (CLI) ensuring its flexibility in use. Find out more

 
LVL 74

Accepted Solution

by:
Jeffrey Kane - TechSoEasy earned 500 total points
Comment Utility
however I am still not able to login with other AD users on this workstation.  

AH... I'm sorry I missed that specific detail from your initial question.

You can only log into a workstation with user accounts which are listed in the local USERS group of that computer.  Usually you would add the "Domain Users" or "Authenticated Users" security group to the local USERS group to allow for this.

Domain Users is added by default when the computer is joined to the domain.  But it may have been removed, so check that out.
0
 

Author Comment

by:MomForLife
Comment Utility
Thank you Jeffrey Kane
0
 

Author Closing Comment

by:MomForLife
Comment Utility
Thank you.
0

Featured Post

Get up to 2TB FREE CLOUD per backup license!

An exclusive Black Friday offer just for Expert Exchange audience! Buy any of our top-rated backup solutions & get up to 2TB free cloud per system! Perform local & cloud backup in the same step, and restore instantly—anytime, anywhere. Grab this deal now before it disappears!

Join & Write a Comment

Online collaboration can help businesses be more efficient, help employees grow their skills and foster a team environment.
Not many admins are aware that GPOs can be activated and deactivated time-based. Time to change that :)
In this Micro Tutorial viewers will learn how to use Boot Corrector from Paragon Rescue Kit Free to identify and fix the boot problems of Windows 7/8/2012R2 etc. As an example is used Windows 2012R2 which lost its active partition flag (often happen…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…

744 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now