Ask the Expert

How do I set up a user's rights without granting administrative rights?

I installed DNS and Active Directory on Windows 2000 and I have two big issues. First, users cannot log in from their workstations; they get "Access is Denied" when they try using their user login name, but if logging as administrator, it works fine using the same workstation. How do I set up the user's rights to log in to the server without granting the user administrative rights?

Second, is it necessary to use NetBIOS to be able to connect to the server? How can I implement a login script (.bat) to a group of users? Any effort to point me to an answer or solution is greatly appreciated.

Requires Free Membership to View

Be sure that there is a Global Catalog that's accessible (testing all aspects of name resolution) from the workstations that are being problematic. If a GC cannot be contacted, only administrators will be able to log onto Active Directory. Also check the Local Security Policy on the domain controller to be sure that the "Access this computer from the network" setting has not been restricted to administrative users only.

For your second question, NetBIOS connectivity is only necessary if you have specific client workstations (like NT or 9x) or applications that require NetBIOS name resolution. If all of your clients and apps can use DNS for name resolution, you can disable NetBIOS from your server. Finally, you can enable logon scripts using Group Policy Objects attached to a Site, Domain or Organizational Unit.

This was first published in May 2004

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: