**NB: This FAQ doesn't apply to Copssh 4.3.1 and up as they handle the problem automatically. You may still need to fix it on DCs for example.
By default, normal users are not allowed to log on locally on domain controllers. Same restrictions may also apply for other Windows systems . User right Allow log on locally needs to be delegated for proper login.
One-time procedure:
- Create a security group for COPSSH users.
- Add your group to the list of authorized credentials for the required user right:
Administrative Tools--> Domain Controller Security Policy for domain controllers or Local Security Policy for other Windows systems) --> Local Policies--> User Rights Assignment--> Allow Log on locally
For every ordinary copssh user:
- Make the user a member of the group mentioned above.
- Activate user in Copssh control panel