What kind of domain and what schema? Windows Server 2008 R2?
Note that a Windows 7 computer cannot make a domain, only workgroups.
Local security policies hardly affect domain policies. Default domain policies (GPO) are loaded even before you login a client system.
anyone ever seen this before and know how to fix it or maybe there is a CLI tool I can use to change the permissions?
In order to log into a domain you must have a client computer join the domain. This way the computer name will be present(ed) in de Active Directory of the domain.
After that you can use a registered, non-locked, user account, present in the Active Directory to logon to the domain via the client pc. Make sure you are using the correct domain to log in and are not locally logging in on the client name.