ChristineMD
MIS
Hello, if some kind soul is able to help me figure this out I would be eternally grateful.
Windows XP workstations, Windows Server 2003 Standard Domain Controller
There are 10 machines in a customer service area that require customer service agents to be set as ADMNISTRATORS in order to log on locally. Whoever set this up this way should be SHOT in the HEAD. Sorry. Deep Breath.
I cannot find where this is set.
Here's the info I DO know:
If I login as an administrator on one of these boxes and run cmd/k gpresult I get these pertinent facts (ran a gpupdate right before):
workstation IS a member of the domain
Applied group policy: default domain policy
local group policy: not applied (EMpty)
computer is in these groups(no more, no less)
builtin/administrators
everyone
builtin/users
nt authority/network
nt authority/authenticated users
the "computername$" group
domain computers
On my 2003 server
default domain policy
computer config
windows settings
security settings
local policies
user rights assignment
deny logon locally is NOT DEFINED
restricted groups contains no items
When I try to login (to the domain) as a customer service user I get "Local Policy of this system does not permit you to logon interactively"
I can login to my computer as the user, and the only local security (users) I have set up on my machine is admins for the domain and the local admin, and myself. No other groups or users.
What else should I be looking at? It's driving me BONKERS. Please save the sanity of this little admin.
Thanks in Advance!
Windows XP workstations, Windows Server 2003 Standard Domain Controller
There are 10 machines in a customer service area that require customer service agents to be set as ADMNISTRATORS in order to log on locally. Whoever set this up this way should be SHOT in the HEAD. Sorry. Deep Breath.
I cannot find where this is set.
Here's the info I DO know:
If I login as an administrator on one of these boxes and run cmd/k gpresult I get these pertinent facts (ran a gpupdate right before):
workstation IS a member of the domain
Applied group policy: default domain policy
local group policy: not applied (EMpty)
computer is in these groups(no more, no less)
builtin/administrators
everyone
builtin/users
nt authority/network
nt authority/authenticated users
the "computername$" group
domain computers
On my 2003 server
default domain policy
computer config
windows settings
security settings
local policies
user rights assignment
deny logon locally is NOT DEFINED
restricted groups contains no items
When I try to login (to the domain) as a customer service user I get "Local Policy of this system does not permit you to logon interactively"
I can login to my computer as the user, and the only local security (users) I have set up on my machine is admins for the domain and the local admin, and myself. No other groups or users.
What else should I be looking at? It's driving me BONKERS. Please save the sanity of this little admin.
Thanks in Advance!