Would you like to learn how to use a group policy to allow a regular user to log in to the domain controller? In this tutorial, we will show you how to allow the local login on the domain controllers using a GPO.

• Windows 2012 R2
• Windows 2016
• Windows 2019
• Windows 10
• Windows 7

Equipment list

The following section presents the list of equipment used to create this tutorial.

As an Amazon Associate, I earn from qualifying purchases.

Tutorial Windows - Allow user login on the domain controller

On the domain controller, open the group policy management tool.

Windows 2012 - Group Policy Management

Edit the default domain controllers policy.

Default domain controllers policy

On the group policy editor screen, expand the Computer configuration folder and locate the following item.

Copy to Clipboard

Access the User rights assignment option.

GPO - User Rights Assignment

Access the option named Allow log on locally.

Click on the Add button and enter a username or group.

Domain controller - Allow log on locally

Optionally, access the option named Allow log on through remote desktop services.

Click on the Add button and enter a username or group.

Domain controller - Allow log on remotely

To save the group policy configuration, you need to close the Group Policy editor.

In our example, a regular user named GOKU will be able to log in to the domain controllers.

Congratulations! You have finished the GPO configuration to allow regular users log in to the domain controller.