RE: [ActiveDir] Domain Controller Access

[Katrin Wilhelm]

Hi Kevin,   Not sure but is the DC a server 2003? If so can you use the GP Mgr to simulate the policies on this server? May there is a hint why it doesn’t work out. As so far everything seems to be OK.   Cheers, Katrin Wilhelm (MCSA) CVGT Employment & Training Specialists Australia E-mail: [EMAIL PROTECTED] From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Kevin Papula Sent: Thursday, 3 November 2005 5:39 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Domain Controller Access   Does anyone have any other suggestions about my DC logon problems?   Kevin Papula IT Manager Kandersteg, Inc. (717) 730-9815 x10 From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Katrin Wilhelm Sent: Thursday, October 27, 2005 6:58 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Domain Controller Access   Hi Kevin,   reading what you done let's me wonder if you ticked the box in his user profile to allow logon on terminal server?   Cheers   Kat   From: [EMAIL PROTECTED] on behalf of Mark Parris Sent: Fri 28/10/2005 8:36 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Domain Controller Access What is the GPO “Access this computer from the network” set to in the DC’s GPO?   Mark   From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of [EMAIL PROTECTED] Sent: 27 October 2005 23:04 To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Domain Controller Access   Is it a member of the domain\remote desktop users group?   :m:dsm:cci:mvp  marcusoh.blogspot.com From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Kevin Papula Sent: Thursday, October 27, 2005 5:55 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Domain Controller Access   themolk: thanks for responding.   The user has an account in the domain, which may be used to login to any computer on the domain, except DCs.   From: [EMAIL PROTECTED] on behalf of Molkentin, Steve Sent: Thu 10/27/2005 5:38 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Domain Controller Access Kevin,   Does the user exist in this domain? If not, is there a trust in place between the domain the user exists in and the domain that the DC lives in?   Just some questions, that may be way off mark...  ;)   themolk.   From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Kevin Papula Sent: Friday, 28 October 2005 2:12 AM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] Domain Controller Access Hello everyone: I am running a test domain environment, and I cannot get a normal user the permission to remotely log on to a DC. I am just playing around with permissions, and no matter what, i always get the same error: "you do not have access to logon to this session." I have entered this user into the DCs domain controller security policy, user rights, allow logon through terminal services, and local login. I have entered this user in RDP-TCP permissions, as full control. I have added this user to the GPO under domain controllers in dsa.msc This persons name was already in the list under the DCs system properties, remote, users. prob from the RDP-TCP permission addition. This user is also in the RDP group. I know this user shouldn’t need access to remote into a DC because of the non-admin user state, but this is a test environment, and I am perplexed as to why I am not able to do this. Has anyone else ever come across this? Thanks for any help.   -- No virus found in this outgoing message. Checked by AVG Free Edition. Version: 7.1.361 / Virus Database: 267.12.5/150 - Release Date: 10/27/2005 Confidentiality: The contents contain privileged and/or confidential information intended for the named recipient of this email. CVGT does not warrant that the contents of any electronically transmitted information will remain confidential. If the reader of this email is not the intended recipient you are hereby notified that any use, reproduction, disclosure or distribution of the information contained in the email is prohibited. If you receive this email in error, please reply to us immediately and delete the document. Viruses: It is the recipient/client's duties to virus scan and otherwise test the information provided before loading onto any computer system. No warranty is made that this material is free from computer virus or any other defect or error. Any loss/damage incurred by using this material is not the sender's responsibility.  CVGT’s entire liability will be limited to resupplying the material. Please contact us at www.cvgt.com.au for further information regarding this disclaimer. ;Arial;Confidentiality: The contents contain privileged and/or confidential information intended for the named recipient of this email. CVGT does not warrant that the contents of any electronically transmitted information will remain confidential. If the reader of this email is not the intended recipient you are hereby notified that any use, reproduction, disclosure or distribution of the information contained in the email is prohibited. If you receive this email in error, please reply to us immediately and delete the document. Viruses: It is the recipient/client's duties to virus scan and otherwise test the information provided before loading onto any computer system. No warranty is made that this material is free from computer virus or any other defect or error. Any loss/damage incurred by using this material is not the sender's responsibility. CVGT?s entire liability will be limited to resupplying the material. Please contact us at www.cvgt.com.au <http://www.cvgt.com.au> for further information regarding this disclaimer. -- No virus found in this incoming message. Checked by AVG Free Edition. Version: 7.1.362 / Virus Database: 267.12.5/150 - Release Date: 10/27/2005 -- No virus found in this outgoing message. Checked by AVG Free Edition. Version: 7.1.362 / Virus Database: 267.12.7/156 - Release Date: 11/2/2005