General discussion

  • Creator
    Topic
  • #2272879

    Unable to login to win2k

    Locked

    by chrishudson123 ·

    Hi

    I am unable to login to the domain controller as a normal
    user.Now I am getting an error message “unable to locate
    profile,Access Denied” I checked all the security polcies
    and set as follows

    Active directory ——–>logon locally >>Everyone
    Access this computer from n/w –
    Everyone

    Domain controller security policy also I configured as same

    I test it with roaming profile also,it’s working perfectly in all systems except DC.even loacl profile is not working.But if I give admin group membership it’s ok

    Please Help me it’s so critical

    Chris

All Comments

  • Author
    Replies
    • #2717542

      Reply To: Unable to login to win2k

      by 2pacisalive ·

      In reply to Unable to login to win2k

      The win2kpro is using a files called New technology File Systems(NTFS).The Administrator only access to does who can log to windows;It create a different user password logon for them to access it.
      Under the Administrator account you ommit what we everyone that is to have non acecss of of full control,modify,read and execute,read only,write only.

    • #2717085

      Reply To: Unable to login to win2k

      by haileyan ·

      In reply to Unable to login to win2k

      Local accounts do not exist on a domain controller. You must use a domain account to log in to a domain controller. This is by design and not an error.

      May I ask why you want a normal user to log in locally to a domain controller? Seems like a security risk to me.

    • #2717078

      Reply To: Unable to login to win2k

      by chrishudson123 ·

      In reply to Unable to login to win2k

      let me clarify my question ,the normal user means domain user and one of the gentlemen ask me why logon locally on DC,The reason is my DC is also working as mail server with OWA enabled .Now only admin can access OWA .if normal users also wants access then I have to set logon locally policy to everyone

    • #2717076

      Reply To: Unable to login to win2k

      by sgt_shultz ·

      In reply to Unable to login to win2k

      not to mention bad practice of putting domain controller on internet.
      if fixed by admin membership, then rights on profile are not correct. get logged in with another admin account and take ownership of profile folder and then give correct permissions?

    • #2715844

      Reply To: Unable to login to win2k

      by hakoracle ·

      In reply to Unable to login to win2k

      plz verify that u implement stronge policy no one can create computer account in dc …
      remove this….if normal user want to joing dc must creat a compuer acc to dc….so it needed

      also plz check sysvol and related shared folders rights to everyoone….right click mycomputer …computer mananagemtn and shared folders and see rights,,..

Viewing 4 reply threads