3WITH A USER THAT CANNOT SUCCESSFULLY LOGON TO THE NETWORK.WHILE ANY...
1.3
with a user that cannot successfully logon to the network.While any number of things maycause this problem behavior, there are several key items that can be quickly checked to ruleout the easy—and the obvious—problems that may occur.■
The user may not be allowed to logon to the specific computer interactively. Ifthe user does not have the user right to perform interactive logons, they willreceive an error dialog informing them of this situation.The network adminis-trator should check to ensure that the user has the correct user rights. If the userrights assignment is correct, they should ensure that the user is not trying tologon to a server or domain controller that they should not normally be usinginteractive logon for.■
The user may be using the wrong account type for the logon attempt.Thisproblem typically occurs when a user is attempting to use a local user name andpassword combination to perform a network logon. If the user is using the correctcredentials (network credentials), the network administrator should check toensure that the Global Catalog (GC) server(s) are available.When the GC isunavailable, only users with administrative credentials will be able to logon to thenetwork.■
The user’s account may be disabled or locked out.The network administratorshould check the Account tab of the user Properties dialog box to ensure that theaccount is not locked out or disabled. If the user account is locked out, the net-work administrator should check the Security Log to determine if the account isdisabled, determine the reason why, and enable the account if permissible.■
The user may not be allowed to logon to the network during the current timeperiod. User log-on hour restrictions may be preventing the user from performingthe network logon. From the Account tab of the user Properties dialog box, thenetwork administrator should click the Logon Hoursbutton to verify the cur-rent logon hours configured for the user.■
The user may not be allowed to logon to the network from the computer beingused. User logon workstation restrictions may be configured that do not allow theuser to use the current computer to perform a network logon. From the Accounttab of the user Properties dialog box, the network administrator should click theLog On Tobutton to view the current list of allowed logon computers.If none of these items correct the problems that the user is experiencing, the networkadministrator may also need to perform network troubleshooting to determine whether ornot network connectivity or congestion problems may the root of the problem. For moreinformation on TCP/IP addressing and network connectivity troubleshooting, seeMCSA/MCSE Exam 70-291 Study Guide & DVD Training System: Implementing, Managing,and Maintaining a Windows Server 2003 Network Infrastructure,Syngress Publishing 2003,ISBN: 1-931836-92-2.