Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

your local security policy does not permit you to log on interactively 3

Status
Not open for further replies.
1nterpol

1nterpol

IS-IT--Management
Apr 2, 2007
78
IE
i created a new user in active directory and i receive this error when i try to logon to any pc on the domain.

This is probably something simple but if anyone could help that would be great.
 
Sort by date Sort by votes
You need to allocate this user local admin rights in the AD profile. Or (as a temp fix) you can log onto the workstation as an admin add the new username to the local admin group and then you should be able to log into that workstation ok.

When I was born I was so suprised I didn't talk for 18 months
 
Upvote 0 Downvote
Thanks for replying

The problem there is i dont want the user to have local admin rights.

Temporary telesales person.

 
Upvote 0 Downvote
I changed the domain group policy to allow everyone the log on locally permission but it has made no difference.

Weird thing is i copied another profile to make this one but the other profile can log onto any pc.

I deleted the profile and set i up from scratch then but i still get the same thing.

 
Upvote 0 Downvote
what security groups is this new user a member of? The user must at least be apart of the Domain Users group.
 
Upvote 0 Downvote
She's a member of the domain users group.
 
Upvote 0 Downvote
OK, now you should check on a workstations local groups. Verify that Domain users are in the local 'users' group.
 
Upvote 0 Downvote
Skimmed through the thread. Did you try adding user to member of Remote Desktop Users in Active Directory? That usually fixes those errors. Also make user local admin just to see if it works, and guarantee that error wont come up.
 
Upvote 0 Downvote
I dont want the user to have any permissions they shouldnt have, my boss is back on wed, he should know, ill post up the solution.
 
Upvote 0 Downvote
What i done to sort this was...

Go to

Start>administrative tools>group policy management

Open group policy objects

Right click default domain controllers and edit

Open computer configuration>windows settings>security settings>local policys>user rights assignments

right click on @allow to log on locally', open properties, add the user in here.

Job done.
 
Upvote 0 Downvote
We were all getting to that, we just wanted to troubleshoot first but glad that you figured it out.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

microsGuy16
  • Locked
  • Question
Can not copy files to Mapped drive
Replies
0
Views
530
microsGuy16
microsGuy16
tscstl
  • Locked
  • Question
access to local folder
Replies
1
Views
289
hairlessupportmonkey
hairlessupportmonkey
DTGMI
  • Locked
  • Question
WIN 10 Pro PC & Adding back to our Network
Replies
0
Views
480
DTGMI
DTGMI
dpellegrini
  • Locked
  • Question
Website will load using hostname but not IP address
Replies
3
Views
963
mangentle
mangentle
DrB0b
  • Locked
  • Question
Hybrid on prem AD with Azure AD
Replies
2
Views
313
DrB0b
DrB0b

Part and Inventory Search

Sponsor

Back
Top