Domain Admin Access not working

Carmen Goodin 1 Reputation point
2020-11-11T14:39:42.917+00:00

We recently hired a new domain admin and after setting up his account he is not able to log into any of our domain controllers nor is his credentials working to join computers to the domain. The following is the error he receives when trying to log into Domain Controller from VMware console connection. "The sign-in method you're trying to use isn't allowed. For more info, contact your network administrator." He is also not able to connect via RDP. All existing Domain Admins are able to connect via both ways. We removed him from all other groups other than the Domain Admin group.

Windows Server 2012
Windows Server 2012
A Microsoft server operating system that supports enterprise-level management, data storage, applications, and communications.
1,534 questions
0 comments

2 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Fan Fan 15,301 Reputation points Microsoft Vendor
    2020-11-12T01:36:59.057+00:00

    Hi,

    It seems the user was not allowed to RDP to the DCs.
    I would suggest you check the group policy :Allow log on through Remote Desktop Services under computer configuration>policies>windows settings>security settings>local policies on the default domain controller GPO
    39143-11121.jpg
    On domain controllers: Administrators group was able to RDP to DCs by default.
    If you want to assign the permission to other users, you can add the users to the administrators group or add the user through the group policy mentioned.

    0 comments
  2. Carmen Goodin 1 Reputation point
    2020-11-12T15:15:49.183+00:00

    We don't have any of those GP's set and nothing is tied to this OU besides the default domain GP.
    I ended up reaching out to a local Microsoft support and they were able to find a work around.

    Thanks for the assistance.

    Carmen Goodin