I have installed and configured all the settings of Password Manager along with IIS and SSL Cert, but starting with a test user to access the link from IE on his his desktop to enroll to the service, anyway, the page has 3 parts of account name, domain (which filled automatically) and password, after the user enters the account name (which is the user account name as registered in AD) along with login password, an error message comes in the next page as below
Logon failed: This user isn't allowed to sign in to this computer.
You can reach the IT Help Desk at IT Help Desk: http:********************* for assistance in resetting your password or unlocking your account.
If i grant the user to logon to all computers from his account properties in AD, the user will be able to process with the enrollment.
How i can fix this issue? and i would like to keep the policy as it is, where each user is limited for one or more computers to login to within his department.
I appreciate it.