aaronburro
Programmer
I've got a Win2K server environment(Main Domain Server, a server used for Citrix, and a server used for MAS200, all identical hardware) that is having a problem. I made a user whose sole purpose was to log onto the domain controller server and perform one task(check the tape backup system to make sure it is functioning properly). I set him to be able to log on only to the domain controller in Active Directory. here's the next stuff I did:
I set him to be able logon locally on all three of the security profiles : Domain Controller, Local, and Domain.
I also set him to be denied network access on all three of the above.
Then I logged into two other Win2K server machines and set them to deny that user local logon and network access as well, only in the local policy (since its the only one, duh).
The last step was apparently fairly stupid, as it locked all users out of the other two servers locally. I could access all the network resources(shared files and folders, and MAS200 worked fine), but noone could logon locally (Citrix users were also not able to connect at all), not even the domain and local administrators.
So, I went back and undid all of the security settings on the domain controller and the MAS server freed up. The other seems to have freed up, but not completely. When I restart the server, I don't get the ability to logon, as the little "Press Ctl-Alt-Del" window never shows up. All the services that are supposed to run on that server are running, but I just can't get that prompt.
Welp, now it seems that the citrix service is not working as it should, either. I get a connection error when I try to logon with citrix. I restarted the server, but it didn't fix the problem.
Any ideas as to what is messed up?
I set him to be able logon locally on all three of the security profiles : Domain Controller, Local, and Domain.
I also set him to be denied network access on all three of the above.
Then I logged into two other Win2K server machines and set them to deny that user local logon and network access as well, only in the local policy (since its the only one, duh).
The last step was apparently fairly stupid, as it locked all users out of the other two servers locally. I could access all the network resources(shared files and folders, and MAS200 worked fine), but noone could logon locally (Citrix users were also not able to connect at all), not even the domain and local administrators.
So, I went back and undid all of the security settings on the domain controller and the MAS server freed up. The other seems to have freed up, but not completely. When I restart the server, I don't get the ability to logon, as the little "Press Ctl-Alt-Del" window never shows up. All the services that are supposed to run on that server are running, but I just can't get that prompt.
Welp, now it seems that the citrix service is not working as it should, either. I get a connection error when I try to logon with citrix. I restarted the server, but it didn't fix the problem.
Any ideas as to what is messed up?
I've got questions about that bloody thing (frequent and extended undervoltages), too! Thx, when I get a chance I'll check that out... I'll hold off on the star until then