jueves, 22 de mayo de 2014

Problemas al ingresar con un usuario al dominio de windows (AD)

Bueno días.

El día de hoy estaba auditando un sistema que se integra con el directorio activo de windows, lo primero es partir de la idea de crear un usuario en el dominio verificando que funciona con nuevos usuarios y los permisos establecido.

Se ha presentando un problema en el proceso donde al tratar de entrar al dominio este me devolve el siguiente problema : "You cannot log on because the logon method you are using is not allowed on this computer", dicho esto se deduce que la alerta es directamente de windows y no de la aplicación integrada.

Para organizar esto se debe hacer lo siguiente:

To Edit the Local Policy on a Windows(2000/XP/Vista)-Based Computer


  1. Click Start, and then click Run.
  2. In the Open box, type gpedit.msc, and then click OK.
  3. Expand Computer Configuration, expand Windows Settings, expand Security Settings, expand Local Policies, and then click User Rights Assignment.
  4. In the right pane, double-click Allow log on locally.
  5. Click Add User or Group, and then type User or Group then click OK.

    NOTE: If domain-level policy settings are defined, they may override this local policy setting.
  6. Quit Group Policy Editor.
  7. Restart the computer.

To Edit the Group Policy in a Domain


  1. Start the Active Directory Users and Computers snap-in. To do this, click Start, point toPrograms, point to Administrative Tools, and then click Active Directory Users and Computers.
  2. In the console, right-click your domain, and then click Properties.
  3. Click the Group Policy tab.
  4. In the Group Policy Object Links box, click the group policy for which you want to apply this setting. Click Default Domain Policy.
  5. Click Edit.
  6. Expand Computer Configuration, expand Windows Settings, expand Security Settings, expand Local Policies, and then click User Rights Assignment.
  7. In the right pane, double-click Allow log on locally.
  8. Click Add User or Group, and then type User or Group then click OK.
  9. Close the Group Policy editor, and then click OK.


Troubleshooting

Group Policy changes are not immediately enforced. Group Policy background processing can take up to 5 minutes to be refreshed on domain controllers, and up to 120 minutes to be refreshed on client computers. To force background processing of Group Policy settings, use the Secedit.exe tool. To do this:
  1. Click Start, and then click Run.
  2. In the Open box, type cmd, and then click OK.
  3. Type secedit /refreshpolicy user_policy, and then press ENTER.
  4. Type secedit /refreshpolicy machine_policy, and then press ENTER.
  5. Type exit, and then press ENTER to quit the command prompt.
Con esto ya funciona y podremos seguir a auditar la aplicación.

Saludos jadcodianos. 

Fuente: http://itshi-tech.blogspot.com/2010/02/you-cannot-log-on-because-logon-method.html
Etiquetas:

No hay comentarios:

Publicar un comentario

Suscribirse a: Enviar comentarios (Atom)