G
Guest
Hello All,
We are having some problems and I'm starting to get really confused. The
problems all lead me back to the same issue when I research them, but I hit a
dead end. We have 4 domain controllers. 2 are at our main site, and 1 each at
our 2 remote locations.
The main problem I am writing about is that we have a new member of the IT
dept that is our web site admin. She needs to log on to one of our DCs to do
admin work on our Intranet site. She is not a domain admin so it will not let
her. I put her in the "server operator" group, and it still will not let her.
I gave both her account, and the server op group "log on locally"
permissions, but that hasn't worked. Only domain admins can log on locally to
the server.
Here is another problem that makes me think it is related. Our 2 remote
locations, in addition to being DC also are backend servers for Exchange.
Only domain admins can access OWA on those 2 servers. I created a test web
site, and the same thing happened. This makes me believe that the issue is
with Windows and not Exchange. The strange part about the test web site and
OWA is that if a domain admin logs on to the web site, for about 5 minutes
all users can authenticate just fine. Then it starts denying them again.
Finally, when I first installed the 2 servers at the remote sites we had an
issue where only domain admins could print. I changed the printers from
queueing to print directly, and it worked. Since I had time restraints, and
there are only a few users at these locations I let it go. However, now the
other makes me think this is a larger issue. For both the printing and the
web sites the NTFS permissions are fine. And in the domain and local security
policies the "authenticated users" group has log on locally and access from
the network permissions.
Sorry to ramble but the issues all seem related, and people are starting to
complain.
Thanks
Mike
We are having some problems and I'm starting to get really confused. The
problems all lead me back to the same issue when I research them, but I hit a
dead end. We have 4 domain controllers. 2 are at our main site, and 1 each at
our 2 remote locations.
The main problem I am writing about is that we have a new member of the IT
dept that is our web site admin. She needs to log on to one of our DCs to do
admin work on our Intranet site. She is not a domain admin so it will not let
her. I put her in the "server operator" group, and it still will not let her.
I gave both her account, and the server op group "log on locally"
permissions, but that hasn't worked. Only domain admins can log on locally to
the server.
Here is another problem that makes me think it is related. Our 2 remote
locations, in addition to being DC also are backend servers for Exchange.
Only domain admins can access OWA on those 2 servers. I created a test web
site, and the same thing happened. This makes me believe that the issue is
with Windows and not Exchange. The strange part about the test web site and
OWA is that if a domain admin logs on to the web site, for about 5 minutes
all users can authenticate just fine. Then it starts denying them again.
Finally, when I first installed the 2 servers at the remote sites we had an
issue where only domain admins could print. I changed the printers from
queueing to print directly, and it worked. Since I had time restraints, and
there are only a few users at these locations I let it go. However, now the
other makes me think this is a larger issue. For both the printing and the
web sites the NTFS permissions are fine. And in the domain and local security
policies the "authenticated users" group has log on locally and access from
the network permissions.
Sorry to ramble but the issues all seem related, and people are starting to
complain.
Thanks
Mike