We are first year student in a IT education. We're working on a projekt where we have to Install Active directory on windows server 2008. We followed an installation guide step by step. Then we created a User by doing the following.
open Server Manager
Open up the Roles section — next to Active Directory Users and Computers section and finally the Active Directory Users and Computers
We found our domain and we right clicked on the Users section. Then clicked on the New and selected User.
So far so good....
The problem is that the User we created should be able to logon our domain locally. There is no problem with logging in as Administrator, but when we try logging in with the User we get this message:
You can not log on because the method you are using is not allowed on this computer. Please see your network administrator for more detail
We had read this post
http://social.technet.microsoft.com/Forums/en-US/winservermanager/thread/f393d9c3-926a-4368-968c-4b8a024c0536
And we did the following:
For a domain controller, you need to configure the security setting in Default Domain Controller Policy GPO:
1. On the Windows Server 2008 domain controller, click Start, type gpmc.msc in the Start Searchbox, and press Enter to open the Group Policy Management console.
2. In the Group Policy Management console, expand <You Domain>\Domain Controllers, right-click Default Domain Controller Policy, and click Edit.
3. In the Group Policy Management Editor window, expand Computer Configuration\Windows Settings\Security Settings\Local Policies\User Right Assignment, and then you will see the security setting Allow log on locally in the right pane.
4. Double-click the security setting Allow log on locally, click Add User or Group tab, click Browse, type domain users in the box, click Check Names, and click OK three times to apply the settings.
5. On the Windows Server 2008 domain controller, run command gpupdate /force to apply the policy.
But we still get this message when we try to logon with our User:
You can not log on because the method you are using is not allowed on this computer. Please see your network administrator for more detail
Hope someone can help us.