Sign in with
Sign up | Sign in

One Domain User Account Cannot Log on to Domain from One Particular Computer

This Tutorial addresses:
  • Domain
  • Computers
While working in a domain environment, there might be instances when you want to implement some securities on individual account basis. One such security that you can allow on the user accounts is that you can restrict them from logging on to the domain from a particular computers.

For example, if you do not want the users to log on to the domain from the C-01 computer, you can restrict them from doing so.

In your case, if a particular user account is unable to log on to the domain from one particular computer, it seems that the restriction discussed above has been implemented, and has successfully became applicable on the account.

Here is how you can rectify the issue, and can allow the user account to log on to the domain from any computer that is member of the domain:

  1. Log on to the Windows Server 2012 Active Directory domain controller with the Enterprise Admin or Domain Admin account credentials.

  2. If not already started, initialize the Server Manager window from the bottom left corner of the screen.

  3. On the opened Server Manager window, go to the Tools menu from the menu bar.

  4. From the displayed list, click Active Directory Users and Computers.



  5. On the opened Active Directory Users and Computers snap-in, from the left pane, expand the current domain name. (MYDOMAIN.COM for this demonstration.).

  6. From the expanded tree, locate the target OU that contains the domain user account that is facing the above issues.

  7. Once located, from the right pane, right-click the target user account. (User-01 for this demonstration.).

  8. From the displayed context menu, go to Properties.



  9. On the opened user’s properties box, go to the Account tab.

  10. From the displayed interface, click the Log On To button.



  11. On the opened Log on Workstations box, click to select the All computers radio button.



    Note: If the The following computers radio button is selected, and you want to keep the same security level, make sure that computer that the selected user is trying to use to log on to the domain is not enlisted in the Computer name list. If it is, click to select the target computer, and then click the Remove button in order to allow the selected user to log on to the domain using the target computer.

  12. Once this is done, click OK, and then close the Active Directory Users and
    Computers
    snap-in.

  13. Suggest the corresponding user to log off from the current computer, and try logging on to the domain from the computer that was having logon issues earlier. The user should now be able to log on to the domain using the computer successfully.

    Can't find your answer ? Ask !