The local policy of this system doesn't allow you to logon interactively.

[Guest]

I am trying to connect to an XP pro box and get this message: The local policy of this system doesn't allow you to logon interactively

I have verified that the users have been added to the Remote Desktop Users list. I checked the Group Policy and added the two users to LOG ON LOCALLY

This computer was upgraded from Win2K pro

Am I missing anything

Scott

 

[Bill Sanderson]

Yep. In a number of 2kPro upgrade situations, there's a policy setting that
gives rise to this error.

I think this is what I am trying to find:
----------------------------
Start->Run, "gpedit.msc"
Expand Computer Configuration->Windows Settings->Security
Settings->Local Policies->User Rights Assignment.

On the right side of the snap-in, find "Allow logon
through Terminal Services".

Remove everything that's there, then Add User or Group,
and input the account you want to have access.

No reboots required, the policy will affect all
subsequent Remote Desktop logons. Those accounts not
allowed via this policy to connect will get back an error
stating "The local policy of this system does not permit
you to log on interactively"

Just remember to add at least one account if you want any
remote desktop access at all...

 

[Guest]

Thanks Bill this help me and my team out with our problem. Thanks agan.

Derek

 

[Guest]

Thanks Bill, this help my problem out. Thanks in advance

Derek Pryor

 

[Jeffrey Randow (MVP)]

Just a quick check.. Does the local Administrator group also contain
the Domain Administrator domain group? This would appear to be the
problem in you doing "administrative" functions while logged in as a
domain admin.

Jeffrey Randow (Windows Networking & Smart Display MVP)
(e-mail address removed)

Please post all responses to the newsgroups for the benefit
of all USENET users. Messages sent via email may or may not
be answered depending on time availability....

Remote Networking Technology Support Site -
http://www.remotenetworktechnology.com
Windows XP Expert Zone - http://www.microsoft.com/windowsxp/expertzone

On Fri, 13 Aug 2004 09:57:04 -0700, Troubled in Tucson <Troubled in

 

[Dark Star]

Bill and others,

I have encountered a similar situation to the one listed below, but I have
not found a complete solution.

I upgraded two machines from Windows 2000 to Windows XP. Afterwards, Remote
Desktop did not function, on either computer. We received the message, "The
local policy of this system does not permit you to logon interactively", when
logging on remotely.

Upon further inspection, and perusing the newsgroups, I found that the
policy setting, "Allow logon through Terminal Services", was blank on both
computers. "A ha!", I thought and I entered "Administrators" (local) and
"Remote Desktop Users" to that policy entry, as they should have been by
default. After a quick reboot, I found that only users in the "Remote
Desktop Users" group could access the machine remotely, while users in the
"Administrators" group received the same old message. Going back to the
"Allow logon through Terminal Services" policy entry, showed that only
"Remote Desktop Users" was still listed. Re-adding "Administrators" and then
closing and re-opening the policy editor (I went in through "Local Security
Policy" under Administrative Tools) showed the "Administrators" group missing
again. Apparently an overiding setting somewhere?

In attempting to further troubleshoot the issue, I was using "Computer
Management" to remotely manage these two computers. I found that I could not
view anything on "Event Viewer" or "Device Manager" and received the message,
"Unable to connect to the computer "xxx". The error was: Access is denied."
I should note that we are on an AD domain, I am a Domain Admin, and I can do
this to other computers (2K or XP).

Lastly, someone on the newsgroups mentioned problems editing the registry
remotely so I thought I would give that a try. Again, I can load the

registry from any other computer (using Connect network registry...) in the
registry editor on my computer, except these two. When I try to open HKLM I
receive the message, "Cannot open HKEY_LOCAL_MACHINE: Error while opening the
key"

I have been researching this issue for several weeks now. Microsoft has not
really addressed the bigger issue, that I can find. Sure they have an
article about Remote Desktop, but it doesn't even mention the "Allow logon
through Terminal Services" policy key. This is a specific, and frequently if
not always reproducible issue, with upgraded Windows XP machines, either when
trying to use Remote Desktop or remote Computer Management/Registry editing.
What could be preventing all of these Administrator related functions? If
anyone has and ideas, I'm all ears.

Thanks,
Tom

I ran into this problem myself today, and for me the solution was to
ensure that the remote registry service was running on the target
machine. HTH.

 

[Jeffrey Randow (MVP)]

Hmmm.. That's weird.... You shouldn't need to have that service
running...

---
Jeffrey Randow (Windows Networking MVP)
(e-mail address removed)

Please post all responses to the newsgroups for the benefit
of all USENET users. Messages sent via email may or may not
be answered depending on time availability....

Remote Networking Technology Support Site -
http://www.remotenetworktechnology.com
Windows Network Technology Community -
http://www.microsoft.com/windowsserver2003/community/centers/networking/default.mspx
Windows Home Networking Community -
http://www.microsoft.com/windowsxp/expertzone/communities/wireless.mspx