I installed DNS and Active Directory on Windows 2000 and I have two big issues. First, users cannot log in from their workstations; they get "Access is Denied" when they try using their user login name, but if logging as administrator, it works fine using the same workstation. How do I set up the user's rights to log in to the server without granting the user administrative rights?
Second, is it necessary to use NetBIOS to be able to connect to the server? How can I implement a login script (.bat) to a group of users? Any effort to point me to an answer or solution is greatly appreciated.
For your second question, NetBIOS connectivity is only necessary if you have specific client workstations (like NT or 9x) or applications that require NetBIOS name resolution. If all of your clients and apps can use DNS for name resolution, you can disable NetBIOS from your server. Finally, you can enable logon scripts using Group Policy Objects attached to a Site, Domain or Organizational Unit.
This was first published in May 2004