I'm getting the following error:

"The local policy of this system does not permit you to logon interactively."

I have searched these forums as well as google and I have not found a solution.

Any help would be greatly appreciated.

Are you getting this when logging on as Administrator? Or for user accounts?
Are you logging onto the server? Or users to workstations?

I successfully log on as administrator. Then when I click to connect to a client desktop I see my client machines. When I try to log in at that point with the user account for that machine I get that error.

Are the SBS users in the default OU?
Double check the groups they're a member of...in ADUC..ensure in RWW group
Ensure on the desktop, that they've been added to the remote desktop users group, and that remote desktop is enabled.
SBS group policy should have the remote desktop exception set in the XP firewall already.

The users are in the RWW group and the desktop is checked to allow remote desktop, the user is added in the group on the desktop as well as having the firewall allowing remote access.

the user is a member in active directory. i'm a little lost here.

Any other suggestions? Maybe something i'm overlooking?

On the server mgmt console, check licensing and see if you happen to be maxing out the available SBS licenses.

Also, try rebooting the computer after it gives you the error and see if the user can get back in via RWW.

I rebooted the server and the workstation. I tried this with only one workstation logged into the domain so I don't think licensing is an issue. I am sure that it is just something simple I overlooked I just can't figure it out.

Can you log onto the workstation directly through Remote Desktop? Say you launch it from sitting at the server...or another PC On the LAN....start==>run==>MSTSC /CONSOLE
Enter the IP of the workstation..attempt to log in. I'm trying to rule out something in RWW.

No, I actually get the same error.

Something probably incorrect in secpol.msc or gpedit...may want to pour through that. Lets go back..just on this one workstation? Or on all of them?

And this is my problem. Group Policy error. I do not have permissions on the client machine. So i'm guessing that I have something not setup on the user account on the server. I am sure I have the user added to the correct groups.

Going to double check the user account.

Something tells me yeah the local system policy is hosed. I've seen this issue before...actually rather recently. 1x machine that had a history of issues from the prior consultant...even had the original registry hive restored..but lots of other related issues. I tried copying the secpol from another healthy machine to it...still no luck. Even the domain admin login was tanked on it...difficulty adding the domain user account to the local admin group..had to do that in safe mode with networking support...even though it showed up..still wasn't correctly being implemented.

Ended up ghosting and sys-prepping from another healthy identicle machine on their network. Problems gone.

There is a script you can run which resets the secpol and registry permissions to totally default settings...I forget where I found that...as I ended up doing the ghosting and sysprep...knowing that would fix my problem inside of 30 minutes..rather than spend another hour or two or more troubleshooting this.

on the local machine, run gpedit.msc.. check under User Rights Assignment, then "allow logon through terminal services".. post back what users/groups are listed. If it's missing, you can always manually add "Remote Web Workplace Users in addition to Remote Desktop Users" and see if that fixes the problem.

If you have isolated the problem to just this one computer and the local policy is indeed hosed, you can rebuild it from default settings by running a couple secedit commands:

http://support.microsoft.com/default.aspx?scid=kb;EN-US;313222