Posts Tagged ‘The Local Policy of this system does not permit you to logon interactively’

How to Fix the Logon Error: The local policy of this system does not permit you to logon interactively

May 16th, 2013 by Admin

Problem

Apart from the obvious logon error of typing in a wrong username or password, there exists another common problem that users come across when logging on: When you try to log on to a Windows machine and you may receive the error message “The local policy of this system does not permit you to log on interactively.” This can happen in a number of scenarios, and the way to resolve the issue depends on the cause of the problem.

Solution A

If the Local Security Policy is set to disallow local logons to Everyone, then the error message will pop up for any user who tries to log on, including an administrator. This can be fixed in just a few steps, if you can still get into Windows:

  1. Press Windows + R to bring up the Run box. Type in gpedit.msc and press Enter.
  2. When the Group Policy Object Editor appears, navigate to: Computer Configuration > Windows Settings > Security Settings > Local Policies > User Rights Assignment.
  3. In the right-hand panel, locate the entry named “Deny Log on locally” and double-click on it.
  4. Highlight your user account and click Remove.

If you can’t log on your computer using any administrator account, you are unable to edit any settings of your local policy. In this situation, you need to use a third-party software – Reset Windows Password utility. This software comes as a bootable CD image which need to be burned onto a blank CD or USB drive. Just boot your problematic computer from the CD or USB drive. When the Reset Windows Password program opens up, select your user account and click on “Reset Password” button, the program will delete the existing Windows password and also tweak the improper local security policy which prevents you from logging on locally. That’s it!

Solution B

If the logon error message pops up when you are trying to connect via Remote Desktop or a Terminal Services connection, you will need to take a different set of actions.

To resolve this issue, add allowed users to the Remote Desktop Users list:

  1. Click Start, point to Settings, and then click Control Panel.
  2. Double-click System, and then on the Remote tab, click Select Remote Users.
  3. Click Add type in the user account name, and then click OK.
    If you are adding more than one user name, use a semicolon to separate the names.

Note: Adding users to the Remote Desktop Group requires that you are logged on through an administrator account.

Also, make sure that the Remote Desktop Users group has sufficient permissions to log on through Terminal Services. To do this, follow these steps:

  1. Click Start, click Run, type secpol.msc, and then click OK.
  2. Expand Local Policies, and then click User Rights Assignment.
  3. In the right pane, double-click the “Allow logon through Terminal Services” option. Make sure that the Remote Desktop Users group is listed. Click OK.
  4. In the right pane, double-click the “Deny logon through Terminal Services” option. Make sure that the Remote Desktop Users group is not listed, and then click OK.
  5. Close the Local Security Settings snap-in.