A. Before Microsoft developed the Microsoft Management Console (MMC) Active Directory Users and Computers snap-in, administrators used the User Manager for Domains tool to manage user accounts. You might still have a need to administer a Windows NT 4.0 domain from Windows 2000 or NT 4.0 clients, which can lead to problems when you try to add or remove user accounts from the "Grant To" list in the User Rights Policy dialog box and result in the following error:
You may not remove the local logon right from the Administrators local group. Doing so will disable all local administration of this computer.
This error can result from the following conditions:
- A Win2K Professional installation is running the NT 4.0 Administration Tools. Win2K machines must run the Win2K Administration Tools (i.e., adminpak.msi) that come with Win2K Server.
- The "Grant To" list you're attempting to modify contains a deleted user or group. To resolve this problem, you must log on to the PDC of the NT 4.0 domain and use the local User Manager for Domains tool to remove the deleted account or group from the "Grant To" list.
2 comments
Hide comments