Solved

Getting error the logon n method you are using is not allowed on this computer

Posted on 2016-07-21
6
57 Views
Last Modified: 2016-07-26
Ok I have posted a similar problem, in this site recently.  I added a test user to my group policy to deny access to a specific computer on a computer workstation.  I got it to work so that I would get the following error message when I tried to log on to that account

Getting error the signin method you're trying to use isn't allowed.

Once I tested this.  I removed it from the policy and now the policy is not defined.  However I am still not apple to logon to the computer using the test user.  I can logon as any other user, but that one.

I have done a gpupdate on the server, restarted the server and I also have done a gpupdate /force on the workstation computer.  I have also tried restartimg the workstation computer but nothing seems to work.

Any ideas?  
Using windows server 2012 r2
0
Comment
Question by:MomForLife
  • 4
  • 2
6 Comments
 

Author Comment

by:MomForLife
ID: 41724131
Just adding a bit more to this.  I logged in to a working user on that workstation and opened up task manager.  when I check to see users, My test user is listed as being disconnected.
0
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
ID: 41724208
I tried to find the similar question you say you posted to find out what exactly you did for the group policy -- but couldn't find it.

The reason I wanted to see that is because some policies get "tattooed" into the registry and cannot be reversed by simply disabling the policy.

You can read more about this here:
https://www.experts-exchange.com/questions/27724014/Windwos-2008-Group-Policies-Prevent-Tattooing.html
0
 

Author Comment

by:MomForLife
ID: 41724539
Okay briefly read up on tattooing.  The entry was made in a gpo I created, linked and enforced.   The policy is under the computer setting, security settings, local policy, deny local logon (something like that).

I had company,  where they have have gone into the Default Domain Policy and actually changed the allow local logon, and the users listed here are the only ones that can login.  I also removed them, did gpupdate on server and did a gpupdate /force on the workstation computer that is joined to the domain.  , however I am still not able to login with other AD users on this workstation.  

This is why i was doing some testing using the deny local.  Just wanted to see if it would give me the same error.
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 
LVL 74

Accepted Solution

by:
Jeffrey Kane - TechSoEasy earned 500 total points
ID: 41726498
however I am still not able to login with other AD users on this workstation.  

AH... I'm sorry I missed that specific detail from your initial question.

You can only log into a workstation with user accounts which are listed in the local USERS group of that computer.  Usually you would add the "Domain Users" or "Authenticated Users" security group to the local USERS group to allow for this.

Domain Users is added by default when the computer is joined to the domain.  But it may have been removed, so check that out.
0
 

Author Comment

by:MomForLife
ID: 41730399
Thank you Jeffrey Kane
0
 

Author Closing Comment

by:MomForLife
ID: 41730502
Thank you.
0

Featured Post

Control application downtime with dependency maps

Visualize the interdependencies between application components better with Applications Manager's automated application discovery and dependency mapping feature. Resolve performance issues faster by quickly isolating problematic components.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The recent Microsoft changes on update philosophy for Windows pre-10 and their impact on existing WSUS implementations.
Note: This is the second blog post in a series on email clearinghouses (https://www.xmatters.com/alert-management/blog-email-has-failed-us?utm_campaign=70138000000ydLoAAI&utm_source=exex&utm_medium=article&utm_content=blog-post).   Every month t…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …

920 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now