Jump to content
RESET Forums (homeservershow.com)

Setting up a user account to login directly on the WHS?


Nevalite
 Share

Recommended Posts

Hello,

 

I would like to setup a user account that can log into the WHS other than Administrator. I am not talking about a remote access but actually log onto the machine running WHS locally. Right now the only option is Administrator and I cannot "change user". I tried enabling the Guest account, it does become visible but it will not log on, says access denied or something.

 

Is there any way to allow a user account to log in directly on WHS?

 

Thank you.

Link to comment
Share on other sites

I'd have to check, but I think only members of the Administrators group is allowed to log into the server. 

 

At best, to change this behavior, you'd have to run "secpol.msc" to change it. I'd have to fire up my VM to verify.

 

But to be honest, I don't think it is a good idea to allow any user to log into the server for any reason except for management. So why do you want to do this?

Link to comment
Share on other sites

I tested it earlier. A non-admin account can log in; it just can't do very much --> gets prompted for admin credentials all the time  ;)

Link to comment
Share on other sites

I tested it earlier. A non-admin account can log in; it just can't do very much --> gets prompted for admin credentials all the time  ;)

 

Yep if it's a domain controller (which WHS 2011 isn't) then only members of the local Administrator's group can even log into it, unless, as Chris says, you mess around with the default security policy. 

 

So in answer to the OP, if you want a user account that can log in locally to the server and be able to manage it then create the account and add it to the Administrator's group. This is not a particularly good idea from a security and best practice viewpoint - what exactly are you trying to achieve? There may well be a better way of doing it.

 

John

Edited by jem101
Link to comment
Share on other sites

AD is always more restrictive. But isn't that part of the point?

 

And I wasn't aware of the non-AD thing. But I never actually used WHS2011.... just SBS2011E (domain controller). And WHSv1... as a Domain Controller. :P

 

But yes, jem101 is right (and it's good to see posts from you). It's bad practice to allow a user to log into a server. Domain or otherwise. 

Link to comment
Share on other sites

Indeed, it should be more restrictive. I do have a non-admin account on my server, but I'm the only one who can use it. It's mainly for checking things (i.e. I never use it, for example, to surf the net).

Link to comment
Share on other sites

I think what the OP is wanting to do is have an auto logon to a remote WHS client with no password, which you can do as long as you change the Group Policy for that client.  Once that client is "joined" to a WHS 2011 environment, passwords are enforced,

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

×
×
  • Create New...