Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations bkrike on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

XP Pro client logon to 2000 server

Status
Not open for further replies.
amwoolf

amwoolf

IS-IT--Management
Aug 31, 2005
30
I just started doing some work at a company and noticed that all of their XP Pro workstations require a local account (same name as domain account) in order to permit the account name to logon to the domain. I know that this should not be as any valid domain userid should be able to logon via any workstation connected to the network. But I can't figure out why/how this problem exists. I deleted the computer name from AD and then ran the network setup wizard on the XP client. This required me to enter a domain name/password and placed the info in the local computer user database. If I skip this step, then the user cannot logon to the domain. In other words, users can only logon to the domain if the userid is also on the local computer.

Anyone know why this is happening and how to correct it?

Thanks.
 
Sort by date Sort by votes
amwoolf,

As you are just doing work at this company, you should determine which method they have used in applying their "CAL's. There are essentially two methods: Per-User CAL's and Per-Device CAL's.

It appears that they have Per-Device CAL's. These allow multiple users to log-on from a shared device.

In contrast, Per-User CAL's allow a user to log-on from any connected device.

Check into this and post back with what you find.


rvnguy
"I know everything..I just can't remember it all
 
Upvote 0 Downvote
OK, I will check this out tomorrow when I am there. They did receive a few brand new computers and I set one of these up and it has the same problem. For my info (since I don't know this), are the CALS installed on the domain controller?

Thanks.
 
Upvote 0 Downvote
amwoolf,

You should definitely brush up on this. Server 2000 has some differences from Server 2003. This subject can/is more involved especially if there are many clients.

See these links:






rvnguy
"I know everything..I just can't remember it all
 
Upvote 0 Downvote
rvnguy,

thanks for the links...in Windows 2000 it appears you can do per seat or per server licensing. I think it is in 2003 that you can also do per device or per user.

this company has Windows 2000 servers and they are currently using server licensing - not per seat licensing. They have 250 licenses on the server.


So I am still confused why they need to place the domain userid into the local XP machine in order to logon to the domain.
 
Upvote 0 Downvote
Additional info - according to people here this only recently started to occur. It happens on win2k as well as XP machines. Since this is relatively new problem here I am thinking it is related to a hotfix placed on the servers. So now this needs to be investigated. Any ideas?
 
Upvote 0 Downvote
amwoolf,

The behaviour you are seeing has to do with the XP method for logon. You can set the GPO's and many items can be controlled.

See the following Links:
Reverting to Windows 2000 Logon Processing
Some administrators may wish to guarantee the application of Folder Redirection, Software Installation, or roaming user profile settings in just one logon or boot cycle of the machine, which is the default state in Windows 2000. To enable this for Windows XP, administrators need to enable the setting Always wait for the network at computer startup and logon (located in the Group Policy snap-in at Computer Configuration\Administrative Templates\System\Logon).
Click to expand...
Are you joining the client?
Domain Logon
A domain logon requires that the user have a user account in the domain’s Active Directory. The computer must be joined to the domain and have a network connection to the domain. Users must also have rights to log on to a local computer or a domain. Domain user account and group membership information is used to manage access to domain and local resources.
Click to expand...

Interactive Logon Link

XP Logon Problems


rvnguy
"I know everything..I just can't remember it all
 
Upvote 0 Downvote
got it fixed ...someone changed a default setting in the domain GPO.

See article 273720 from Dec 11, 2004.

Thanks for your assistance!
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

DTGMI
  • Locked
  • Question
WIN 10 Pro PC & Adding back to our Network
Replies
0
Views
598
DTGMI
DTGMI
MaioMaio
  • Locked
  • Question
Server Remote Desktop License
Replies
0
Views
527
MaioMaio
MaioMaio
Aquiles Vidal
  • Locked
  • Question
Web Browsers in Windows Server or Terminal Server
Replies
0
Views
708
Aquiles Vidal
Aquiles Vidal
rzammit82
  • Locked
  • Question
Windows Server 2016 - DNS/AD problem
Replies
1
Views
927
suncit
suncit
MattM1975
  • Locked
  • Question
Domain Admin Logon 1
Replies
2
Views
366
ADB100
ADB100

Part and Inventory Search

Sponsor

Back
Top