2.2.6 Ensure 'Allow log on locally' is set to 'Administrators'

Warning! Audit Deprecated

This audit has been deprecated and will be removed in a future update.

View Next Audit Version

Information

This policy setting determines which users can interactively log on to computers in your environment. Logons that are initiated by pressing the CTRL+ALT+DEL key sequence on the client computer keyboard require this user right. Users who attempt to log on through Terminal Services or IIS also require this user right.

Solution

Make sure 'Allow log on locally' is set to Administrators and Enterprise Domain Controllers.

See Also

https://workbench.cisecurity.org/files/1941