Cannot logon because the logon method you are using is not allowed...
Posted on 2016-10-06
I noticed the other day that our company wide blast (every email address in the company) was listed as a security group and not a distribution group. I had an exchange "expert" here looking at a backup issue on my exchange server and asked him whether this was a problem. He told me that if that blast wasn't being used to apply security to shared folders, etc. that it could end up being a security risk. I had never seen it this particular group used for anything except communication. I went into AD and changed it over to a distribution group. Now all users that don't have local admin access to their computers get the "Cannot logon because the logon method you are using is not allowed..." message when logging into their machines. They can only log in again if I make them a local admin. Is there anything I can do globally in AD or elsewhere to rectify this situation without waiting for my users to complain and addressing each situation individually? It is a Windows Server 2016 running Exchange 2013