• Welcome to Overclockers Forums! Join us to reply in threads, receive reduced ads, and to customize your site experience!

Only Administrator Account Can Log Into the 2k3 server from desktop on the network?

Overclockers is supported by our readers. When you click a link to make a purchase, we may earn a commission. Learn More.
C

Cytomax

Member
Joined
Jul 29, 2003
Only Administrator Account Can Log Into the 2k3 server from desktop on the network?

Hello all this is my first 2K3 Standard Server (well its the first sever ever) that i am settings up and i read that Windows 2003 Server for Dummies book but its still a no go for me...

Let me start off by mentioning that i Do have 10 CALS that came with the Windows 2003 Server, Standard i guess they are built into the CD or something because i dont see any papers anywhere telling me codes to type into the computer If someone can please tell me if this is normal id appreciate it. I have NOT Activated the Product since im messing around with it i dont want to activate it yet because i may reformat many times before i get the server the way i want it. The Server is not hooked up to the internet and i have not registered StoreName.com but i will once i get this network up and running.

Maybe if i can explain what im trying to do someone can better help me...
This is a very simple network i am setting up for my parents business. They have 1 Server running Windows 2003 Server, Standard and 5 clients running Windows XP Professional. I need for all the computers to log onto a domain and map the servers hard drive to each clients computer. All of these people are in the same room connected through a switch and CAT5 cable. I just need to make 5 to 10 user accounts to be able to sit at any computer log onto a domain and begin working. I know ill most likely go into using roaming profiles and i know how to map hard drives i am stuck at the very first part which is creating users and letting them log into a domain from their computers. So far i can log into the Server from a client computer using the Administrator account and each of the clients can ping the server and the server can ping the clients all under 1 ms.

Situation
I set up a Windows 2003 Server, Standard and i install all the drivers etc.. and then i run the Set up Server Roles wizard and setup
1) My domain which is StoreName.com
2) DNS Server
3) DHCP Server

I have a WinXP Pro Laptop right next to the server.

I have a switch which connects the Server to the Laptop.

What i did on the Server
1) Now i go into the Manage Users and Computers in Active Directory
2) I go to the folder under my domain that says USERS
3) I Right Click (RC) in the USERS folder and go to New and add a new User
4) Type in First Name and Last Name and then a Log in Name called Eddie and then a Password.
5) I see the user is created and when i RC and go to Properties i see he is a member of Domain Users which is located in StoreName.com/Users
6) I cannot log in as Eddie because i get the error "The local Policy of this system does not permit you to logon interactively"


What i did on the Laptop
1) I logged in locally not using the domain or anything
2) Dropped the Workgroup i was in and Joined the Domain using the Administrator Account becuase my Eddie account wont work
3)Restarted the computer still logged in locally so i didnt use the domain yet and checked to make sure im getting an ip from the DHCP on the server
4) Logged out and tried to log in with Eddie and i made sure to select the domain from the drop down arrow
5) I can not log onto the domain from the laptop as Eddie because i get the error message "The System Cannot Log you on now because the domain StoreName (Not StoreName.com) is not available"
6) I can log onto the domain from the Laptop if i use the Administrator Account


Now i know i have to be missing something from the Eddie maybe a permission or i have to add him to a certain group etc... Can someone please help a noob out.
Thanks in Advance
Eddie

P.S. I updated Step 6 under What i did on the Server and step 5 and 6 under What i did on the Laptop

P.S.S. I updated step 5 and 6 (again because it was not clear) under What i did on the laptop and I mentioned in paragraph 2 that "The Server is not hooked up to the internet and i have not registered StoreName.com but i will once i get this network up and running." I also added paragraph 3
 
Last edited:
I will direct you here. This man is a god of windows administration. Some of it might be over your head now but it is an essential site for all sysadmins.

http://www.petri.co.il/index.htm

For internal domain names I usually use domain.local instead of domain.com but thats not your problem.

What do you want to log on to? Shared folders?

If you want complete access you must be a domain admin then you can browse everything using \\servername\c$\ or whatever drive you want to access.

If you just want to share a folder add either a username or security group to that folders share and security and then make sure the user is part of that security group or specified explicitly in the share.



edit...

here is a more basic site for getting your hands wet on windows 2003 and AD.

http://www.visualwin.com/
 
I need a bit more clarification: When you say you tried to log in with 'Eddie' to StoreName.com, did you get to a Windows desktop and were then unable to access the server, or were you not able to log into a Windows desktop at all with your Eddie domain account?
 
I edited the original post all i edited is the following

Under What i did on the Server I forgot to add Step 6 which is
6) I cannot log in as Eddie because i get the error "The local Policy of this system does not permit you to logon interactively"

Under What i did on the Laptop Steps 5 and 6 should read
5) I can not log into the Server from the laptop as Eddie because i get the error message "The System Cannot Log you on now because the domain StoreName (Not StoreName.com) is not available"
6) I can log into the Server from the Laptop if i use the Account Administrator

To answer your questions Slackfumasta i can not enter into the desktop if i try to log into the domain i get the error stated above...
Eddie
 
Last edited:
I have more updates to my original post which are

I updated step 5 and 6 (again because it was not clear) under What i did on the laptop

Last part of paragraph 2

The Server is not hooked up to the internet and i have not registered StoreName.com but i will once i get this network up and running.

Paragraph 3

Maybe if i can explain what im trying to do someone can better help me...
This is a very simple network i am setting up for my parents business. They have 1 Server running Windows 2003 Server, Standard and 5 clients running Windows XP Professional. I need for all the computers to log onto a domain and map the servers hard drive to each clients computer. All of these people are in the same room connected through a switch and CAT5 cable. I just need to make 5 to 10 user accounts to be able to sit at any computer log onto a domain and begin working. I know ill most likely go into using roaming profiles and i know how to map hard drives i am stuck at the very first part which is creating users and letting them log into a domain from their computers. So far i can log into the Server from a client computer using the Administrator account and each of the clients can ping the server and the server can ping the clients all under 1 ms.
 
Please follow the two links I posted. I think you should nix using storename.com and use storename.local.

1. install windows 2003
2. type cmd in run and then dcpromo in the command
3. follow the directions click next. use the .local extension.
4. create a user account in ad after you promoted the server.
5. create a network shared folder. set the share permissions to domain users and give them whatever access you want. you can be more specific in security. set security to either domain users which is the default group or a specific username like the one you created.


on the client
1. right click on my computer. select properties and go to computer name and select change or whatever the tab is. join the domain storename.local and add it with a domain admin account.
2. reboot
3. log in to the domain with the user account you created.
4. access the shares you made.

back to the server. when you register the domain name you can add it to active directory and exchange if you later buy an exchange license. add it in IIS and then set the cname and a records in dns.

That should be it.


edit...

if you want to get more specific in what is allowed/denied, ms has a free group policy editing tool you can download from their site. group policy manager.

also I HIGHLY recommend installing the administrative control pack plus gpm on a windows xp machine to manage the server. it will keep your adm files up to date for management on your xp gp objects. nifty

Follow those links. They will turn you into an AD guru.
 
Last edited:
The first thing you need to know is that your Windows 2003 Server Domain has absolutely nothing to do with your Internet domain. You can name your Windows domain whatever you want, it doesn't have to be a .com or anything even resembling your Internet domain. Though they use the same term to describe themselves (domain), they mean different things. However, using your Internet domain name to name your Windows domain shouldn't affect anything.

What you have done so far sounds like it's par for the course. You should be able to create your domain, create a user account, add a workstation (with the Administrator account if you did not specifically allow the 'Eddie' account to add that workstation), and log in with your user account.

What bothers me is that you are getting a "Domain not available" error, which means that there is a communication problem somewhere. If it were me, I'd be checking my DHCP scope on the server, and seeing what I am getting on IPConfig /all on the workstation.

Something is configured wrong somewhere, and it doesn't sound like a permission. In regards to Eddie not being able to log on to the server directly, that is by design. You would either have to make him part of the Domain Admins group, or allow Domain Users to log on at the console in the security settings for your server.
 
You must log in or register to reply here.

Similar threads

A
Really need help - cannot boot from USB to reinstall windows + more
Replies
9
Views
422
magellan
magellan
TickleMyElmo
How do I create a non-administrator account in Win. 11?
Replies
2
Views
528
TickleMyElmo
TickleMyElmo
V
Problem: iCUE/Corsair Keyboard no longer changes to my color profile upon startup?
Replies
4
Views
192
Viper69
V
BugFreak
Error 5303 when accessing Office apps
Replies
0
Views
578
BugFreak
BugFreak
dfonda
Anybody using a mat to keep their legs from burning when using their laptop ?
Replies
8
Views
295
Janus67
Janus67
Back