Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

local policy doesn't permit logon interactively error

1 view
Skip to first unread message

jeff

unread,
Jul 14, 2003, 3:53:18 PM7/14/03
to
Hi, this is a repost of a message below, because I wasn't
getting a solution and people might have skipped over the
issue.

for you reference you can read the most recent chain of
messages below.

thanks for your posts!

----start message chain----------

yes,
it is a member of administrators, remote desktop users,
and users.

i don't intentionally have a firewall, but before i
upgraded from win 2k to win xp, i was running the free
version of zone alarm, a software firewall that i
uninstalled prior to installing xp.

any clue on how i can "lock" the host so it will accept
incoming connections? my shutdown menu only offers turn
off, stand by, or restart and my logoff menu only offers
switch user or logoff, when i ctrl-alt-del, i get task
manager, but no option to lock computer.
>-----Original Message-----
>is the account a member of the remote user group or an
administrator group
>do you have firewall
>
>"jeff" <m...@jeffreyadamyoung.com> wrote in message
>news:09a201c34a23$4c9ffcd0$a601...@phx.gbl...
>> You are correct with the #1 scenario, and yes the isp
>> assigns unique ip addresses to the desktop and laptop--
>> two of them, one for the desktop(host) and one for the
>> laptop
>>
>> and, I don't have the systems networked peer-to-peer,
>> they are just using the hub to share the internet
>> connection.
>>
>> what is this "login interactively" error? and is there
a
>> way to "lock" my host system, so that win xp pro will
min
>> accept the incoming remote desktop connection from my
>> laptop?
>>
>> >-----Original Message-----
>> >How is your network setup
>> >
>> >1 I take it that your cable modem is plugged in tot he
>> uplink port of the
>> >hub and the desk top and the laptop in to normal
ports ?
>> >2 Or do you have two network cards in the desk top one
>> for cable modem and
>> >one to the network hub?
>> >
>> >If one do you get two ip address's from your ISP one
>> for the desktop and
>> >one for the labtop
>> >If two did you manuly give ip address's to the second
>> network card in the
>> >desktop and the laptop
>> >
>> >
>> >"jeff" <m...@jeffreyadamyoung.com> wrote in message
>> >news:095101c34a18$c2263420$a501...@phx.gbl...
>> >> thanks for that...so i did an ipconfig found, my ip
>> >> address, released, renewed and it was the same so,
for
>> >> now I know it's not immediately dynamically
assigned by
>> >> comcast (my cable broadband ISP), and i won't bother
>> with
>> >> mapping the ip to a domain name.
>> >>
>> >> when i enter in the ip address, username/password
into
>> >> remote desktop from my laptop, it begins the session
>> with
>> >> a logon dialog, but an error message states
that "the
>> >> local policy of this system does not permit you to
>> logon
>> >> interactively"
>> >>
>> >> so I log off of the host system...it gets to the
win xp
>> >> welcome page where you can select a user, and i try
the
>> >> remote desktop connection again. but, same error
>> message
>> >> appears. help!
>> >> >-----Original Message-----
>> >> >You need to use the public IP of the home PC. If
the
>> IP
>> >> is dynamically assigned by your IPS look at
>> >> >using one of the dynamic DNS services that map a
fully
>> >> qualified domain name to the ISPs DHCP
>> >> >assigned IP address. Typically a small program
runs on
>> >> the PC and contacts the dynamic DNS services
>> >> >server on a periodic basis. The IP is mapped to the
>> name
>> >> and that information is propagated over the
>> >> >public internet. Call using the fully qualified
domain
>> >> name. I use a *FREE* service from No-IP.com
>> >> >
>> >> >http://www.no-ip.com
>> >> >
>> >> >Others, some free some $$$$, are listed here...
>> >> >
>> >> >http://www.remotenetworktechnology.com/ow.asp?
Remote%
>> >> 5FNetwork%5FHome%2FConnections
>> >> >
>> >> >If the PC is behind a firewall/NAT/router or the XP
>> >> Internet Connection Firewall (ICF) is enabled
>> >> >then you also need to open TCP Port 3389 to the PC.
>> >> >--
>> >> > Al
>> >> >
>> >> >Please post *ALL* questions and replies to the news
>> >> group for the mutual
>> >> >benefit of all of us...Unsolicited personal emails
are
>> >> *NOT* answered.
>> >> >
>> >> >"jeff" <m...@jeffreyadamyoung.com> wrote in message
>> >> news:043e01c349bf$ff459fc0$a401...@phx.gbl...
>> >> >> Okay.
>> >> >> I bought Windows XP so that I could connect to my
>> home
>> >> >> machine from my desktop, when I am not at home.
>> >> >> Remote desktop should do this for me, right?
>> >> >> So I set up my desktop at home by checking the
allow
>> >> >> users to connect remotely to this computer
checkbox
>> in
>> >> >> the system properties/remote tab. I even set up a
>> new
>> >> >> user account specifically for connecting remotely
>> with
>> >> a
>> >> >> new user id/password.
>> >> >> I am not on a 'domain' system, as I use a single
>> >> desktop
>> >> >> computer at home with a cable modem and am
>> attempting
>> >> to
>> >> >> connect to that system remotely with my laptop
>> >> (although I
>> >> >> am actually testing the connection locally using
a
>> >> >> hub)...each system has a unique install of win xp
>> pro
>> >> on
>> >> >> them, with separate cd keys/serial #s.
>> >> >>
>> >> >> So, when I try to connect to the desktop from my
>> laptop
>> >> >> using a remote desktop connection where I have
input
>> >> the
>> >> >> name of my computer (not ip address) the user
name
>> and
>> >> >> password I set up for connecting leaving the
domain
>> >> field
>> >> >> blank, I get the error:
>> >> >>
>> >> >> "The specified remote computer could not be
found.
>> >> verify
>> >> >> that you typed the correct computer name or ip
>> address,
>> >> >> then try connecting again..."
>> >> >>
>> >> >> I know I must be missing something here...since
if
>> any
>> >> >> shmoe randomly typed in my computer name using
their
>> >> >> remote desktop connection client, they might be
>> able to
>> >> >> get on to my home desktop if they guessed my user
>> >> >> id/password. right?
>> >> >>
>> >> >> I did some reading in the xp help file and online
>> that
>> >> >> said I need to lock my desktop computer before i
can
>> >> >> connect to it remotely, but locking is only an
>> option
>> >> >> when you are on a domain-based network according
to
>> >> >> another note in the help file.
>> >> >>
>> >> >> any way. some help in setting up this remote
desktop
>> >> >> connection would be much appreciated.
>> >> >
>> >> >
>> >> >---
>> >> >Outgoing mail is certified Virus Free.
>> >> >Checked by AVG anti-virus system
>> >> (http://www.grisoft.com).
>> >> >Version: 6.0.500 / Virus Database: 298 - Release
Date:
>> >> 7/10/2003

Sooner Al

unread,
Jul 14, 2003, 5:27:48 PM7/14/03
to
That error is referenced in the XP Pro Resource Kit.

http://www.microsoft.com/technet/prodtechnol/winxppro/reskit/pree_rem_ocqv.asp

This Google search result may help...

http://groups.google.com/groups?as_q=%20local%20policy%20doesn%27t%20permit&safe=images&ie=ISO-8859-1&as_ugroup=*.work_remotely&lr=&hl=en

--
Al

Please post *ALL* questions and replies to the news group for the mutual
benefit of all of us...Unsolicited personal emails are *NOT* answered.

"jeff" <m...@jeffreyadamyoung.com> wrote in message news:046001c34a41$92127a40$a101...@phx.gbl...

Version: 6.0.501 / Virus Database: 299 - Release Date: 7/14/2003

jeff

unread,
Jul 14, 2003, 7:36:29 PM7/14/03
to
thanks,
I followed all of the instructions listed there and it
still didn't work.

just for the sake of argument, I tried connecting the
other direction...from the desktop to the laptop. and
guess what? it worked completely.

so...what is it about my desktop that won't accept
incoming remote desktop connections? could it be that i
purchased the o/s from an, ahem, online auction? the one
on my laptop was oem with the system.

looks like i might need to fork over the dough for a new
version of XP for my desktop???

any ideas?

>.
>

David Jones

unread,
Jul 14, 2003, 8:42:23 PM7/14/03
to
Can you test this on the same LAN, with a known IP
address, and see if you get this error?

If you get this particular error, it means one of the
following:

The account you are using does not have a password (and
needs one to be able to log in via RD).

The account you are using is not a member of either the
Remote Desktop Users group or the Administrator group.

The account you are using does not have the "Allow logon
through Terminal Services" right (it must have this right
to log on via RD).

If you create another account and use that account to log
on, are you successful?

You can also open gpedit.msc, expand Computer
Configuration->Windows Settings->Security Settings->Local
Policies->User Rights Assignment, find "Allow logon
through Terminal Services" and add the account to see if
that was the problem.

>.
>

jeff is elated!

unread,
Jul 15, 2003, 1:25:39 AM7/15/03
to
David, you are my savior!

Just as you said, I needed to allow connection through
terminal services, and "whoosh" I was off to the remote
desktop races!
I don't know how I can possibly thank you enough, I have
been working on this issue for over 12 hours, and now it
is solved!!!

For anyone else in this situation, please follow David's
advice regarding setting the right to allow logon through
Terminal Services.

Yipee, now that I have RD working, I am a happy camper.

Thanks a million, David Jones. I owe you big, big, BIG
time!

>.
>

David Jones

unread,
Jul 15, 2003, 4:32:25 PM7/15/03
to
No problem, glad that it's working correctly now.

Normally the "Allow logon through Terminal Services"
right is granted to everyone in the Administrators and
Remote Desktop Users group, somehow that got screwed up
on your system I guess.

Good to hear you got it working.

>.
>

0 new messages