[pauluk83]

hey all

my problem is

i need to run a domain controler so i can have roaming profiles so my mates can have there own areas on the pcs

i would like to try server 2008 enterprise as i have a copy given to me by ms. problem is

vista vould not connect to the controoler kept giving me errors about cannt find server

and the users need to be able to log on to the domain controler, i e user can log on to my laptop or to the server depends witch is in use at the time, but it kept saying that the user didnt have rights to logon to the domain controller.

please help as it is doing my head in with my mates

cheers

[FAT64]

By default, ordinary users cannot logon locally to a Domain Controller. You will have to give them permission (something I wouldn't recommend). In Windows 2000, there is a utility called "Domain Controller Security Policy", expand Local Policy>User Rights Assignment and add "Authenticated Users" to the "Logon Locally" policy.

As to not finding the Domain Controller, a client uses DNS to locate a Domain Controller, try putting the IP address of the Domain Controller in the TCP/IP settings of the client.

[pauluk83]

FAT64, on Jun 8 2008, 03:51 PM, said:

By default, ordinary users cannot logon locally to a Domain Controller. You will have to give them permission (something I wouldn't recommend). In Windows 2000, there is a utility called "Domain Controller Security Policy", expand Local Policy>User Rights Assignment and add "Authenticated Users" to the "Logon Locally" policy.

As to not finding the Domain Controller, a client uses DNS to locate a Domain Controller, try putting the IP address of the Domain Controller in the TCP/IP settings of the client.

but i dont see Domain Controller Security Policy, only Local Security Policy

[FAT64]

1. Open GPMC, click Start, click Run, type gpmc.msc, and then click OK.

2. In the console tree, right-click Default Domain Controllers Policy in Domains\Current Domain Name\Group Policy objects\Default Domain Controllers Policy, and then click Edit.

3. In the Group Policy Management Editor window, in the console tree, go to Computer Configuration/Policies/Windows Settings/Security Settings/Local Policies/User Rights Assignment

Like I said, that was for a Windows 2000 DC, try the above.

[pauluk83]

FAT64, on Jun 9 2008, 12:16 PM, said:

1. Open GPMC, click Start, click Run, type gpmc.msc, and then click OK.

2. In the console tree, right-click Default Domain Controllers Policy in Domains\Current Domain Name\Group Policy objects\Default Domain Controllers Policy, and then click Edit.

3. In the Group Policy Management Editor window, in the console tree, go to Computer Configuration/Policies/Windows Settings/Security Settings/Local Policies/User Rights Assignment

Like I said, that was for a Windows 2000 DC, try the above.

ok i found the area u mentioned, but u cannot find log on locally, i got log on as a service though, any help?

[pauluk83]

ok i found log on locally evenutually, i have enabled it, BUT when a user tries to log on i get a message saying

""You cannot log on because the logon method you are using is not allowed on
this computer. Please see you network administrator for more details."

well i am the F**king admin. lol

also how do i get rid of the user password complexity and histor ect for users of the domain

This post has been edited by pauluk83: 12 June 2008 - 03:35 PM

[pauluk83]

hey all still having probelms...


i have got the setup working now just having issies with roaming profiles.

i got a user set up, but when loging on i get the following in the event log,

"Log Name: Application
Source: Microsoft-Windows-User Profiles Service
Date: 14/06/2008 21:46:48
Event ID: 1521
Task Category: None
Level: Error
Keywords: Classic
User: PSPAGE\pspage
Computer: server.pspage.local
Description:
Windows cannot locate the server copy of your roaming profile and is attempting to log you on with your local profile. Changes to the profile will not be copied to the server when you log off. This error may be caused by network problems or insufficient security rights.

DETAIL - Access is denied.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Microsoft-Windows-User Profiles Service" Guid="{89B1E9F0-5AFF-44A6-9B44-0A07A7CE5845}" EventSourceName="profsvc" />
<EventID Qualifiers="49152">1521</EventID>
<Version>0</Version>
<Level>2</Level>
<Task>0</Task>
<Opcode>0</Opcode>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime="2008-06-14T20:46:48.000Z" />
<EventRecordID>289</EventRecordID>
<Correlation />
<Execution ProcessID="0" ThreadID="0" />
<Channel>Application</Channel>
<Computer>server.pspage.local</Computer>
<Security UserID="S-1-5-21-664250057-3065096007-1029384459-1108" />
</System>
<EventData Name="EVENT_CENTRAL_NOT_AVAILABLE_DISABLE">
<Data Name="Error">Access is denied. </Data>
</EventData>
</Event>"


I have tin the user account, in the profile tab i have the following

in the profile path i have :\\Server\netlogon\pspage
and i have set the home directory to drive z: \\Server\netlogon\Documents\pspage

obviosly the netlogon folder was already created i just added the documents folder and shared it, with the following, users with full control

creator ower, authenticated users, the user who is loged on so in the case paul s page, system, administrators, and server operators.

so how can it still be denided accsess when the user has full accsess on that share?

any help?

paul

[pauluk83]

.

This post has been edited by pauluk83: 16 June 2008 - 02:55 AM

[pauluk83]

any1?

i really need this to work asap to get it all setup and working

[Tripredacus]

I suppose on the Vista machines you have already had them stop being in a workgroup right?

[pauluk83]

i am using a vm at the moment just till i figured this out, so its on the same vm, users can logon on a temp profile

[pauluk83]

i still dont know what is causing this, any1 got any pointers?