I created a new server 2008 R2 joined it to the domain at first as a member and just installed it as a DC in AD preformed first reboot after AD install process finished... Now when I try to logon locally I get "you can not log on because the logon method you are using is not allowed on this computer".... Also since the reboot RDP not loner seems to be open.... Tried to modify GP to allow RDP through windows firewall.... Not sure if this will work in a few hours... Can anyone offer me suggestions on how I can access this server to modify it's local logon policies or it's windows firewall policies to allow local or rem

Regarding the local login, yes that's right, once a server has been made a domain controller it no longer HAS a local login account. Effectively it IS the domain, so it can't not login to it. Only member servers and client machines are able to choose whether to login to the local machine or the domain.

For Remote Desktop, RDP to domain controllers isn't recommended for security reasons, and as such is disabled by default. I think you'd need to enable and configure the "Allow log on through terminal services" policy to allow your admin login access.

Thank you for your response... My mistake in explaining I did not mean literally logging on with a local account, I meant logging on locally through a keyboard mouse and monitor or via the hypervisor using the domain admin username and password... Have tried several domain admin accounts and get the same response "you can not log on because the logon methiod you are using is not allowed on this computer"....As far as the Remote Desktop I only connect and allow connection on the local LAN, and all the other servers allow this, I have tried to modify the GP, it says it may take a few hours but did not see anything that should have denied RDP....

I was able to figure out how to logon locally with another domain user but when do I change the settings on this system and deny me from logging on locally as a domain administrator... I was also able to get Remote Desktop running and I can logon that way now, but still can not figure out the policy that is preventing a domain admin from logging in locally, same message "you can not log on because the logon methiod you are using is not allowed on this compute"....

Thanks