Compartilhar via

Allow logon locally to a domain controller

  • Artigo

We finally published the procedures for allowing a user or group to logon locally (at the console) to a domain controller. All the administrative groups, like server operators, backup operations, account operations, and administrators have this right by default. However, when an application gets installed on a domain controller and you want to logon to a domain controller using a management account for that application, you might need to grant that account the right to logon locally. The procedure for doing so is published as Grant a Member the Right to Logon Locally.

This posting is provided "AS IS" with no warranties, and confers no rights.

Comments

  • Anonymous
    January 01, 2003
    Thanks for the question. I was planning to answer here with what we've developed thus far, which isn't quite complete. Then, I realized that I could put it on the TechNet Wiki and other people could help flesh it out. Go to the TechNet Wiki "social.technet.microsoft.com" and check it out "Managed Service Accounts (MSAs) versus virtual accounts in Windows Server 2008 R2" Thanks!

  • Anonymous
    January 01, 2003
    Hi, I have a off track question related to the documentation of Virtual Accounts introduced in Win7 and 2008 R2. This link below at the end talks about virtual accounts little bit. http://technet.microsoft.com/en-us/library/dd548356(WS.10).aspx Could you please through some light on how we use, scenerios it will be fit into etc etc.....

  • Anonymous
    January 01, 2003
    Thanks a lot for the information Kurt. I really appreciate your response as I have been not finding any info on this.

  • Anonymous
    April 27, 2011
    Hi Guys , How to give access for allowing to log in locally to a domain user ?

  • Anonymous
    April 28, 2011
    Add the domain user name to the Grant a Member the Right to Logon Locally policy - as linked to above.

  • Anonymous
    July 15, 2014
    I'm using SBS 2011 but I can't get Group Policy to allow a certain user (who is also an administrator) to log on to the SBS server locally. I've added their user name to the domain controller's Allow log on locally settings but it's not having any effect.