New Active Directory Documents for IT Pros
We finally published the procedures for allowing a user or group to logon locally (at the console) to a domain controller. All the administrative groups, like server operators, backup operations, account operations, and administrators have this right by default. However, when an application gets installed on a domain controller and you want to logon to a domain controller using a management account for that application, you might need to grant that account the right to logon locally. The procedure for doing so is published as Grant a Member the Right to Logon Locally.
This posting is provided "AS IS" with no warranties, and confers no rights.