Logon failure : The user has not been granted the requested logon type at this computer

I have created a new user via  Active Directory on Windows Server 2012 R2, I tried to log in with this user to site or windows, but unfortunately,  I couldn’t log in, I got the following error.

Logon failure : The user has not been granted the requested logon type at this computer.

he user has not been granted the requested logon type at this computer

Cause:

This error usually occurs because of

  • The Telnet Client feature is enabled.
  • The login user does not have permissions to log on locally to this computer.

Solution:

You should make sure that the login user, and all groups that he belongs to, are not denied the right to log on locally by doing the following:

  • Log in to the server with the Administrator account.
  • Open start menu > type “gpedit.msc” to open Group Policy Management > Right click and select Run as administrator.

GPEDIT .msc

  • Under Computer configuration, go to Windows Settings > Security Settings > Local Policies > User Rights Assignemnts.
  • Right Click on Allow Logon Locally > Properties.
  • Click on Add User and Group and add the new user account.

Logon failure : The user has not been granted the requested logon type at this computer.

Alternative way: Go to  Control Panel > Administrative tools > Right click on Group Policy Management > Select Run as administrator.

group ploicy managment

  • From left side > Expand Forest node > Domains > Domain Name > Domain Controller > Right click on Default Domain Controller Policy > Click Edit.
    • Note: Although you have been run the Group Policy Management as administrator the Edit option might be disabled. that means you didn’t log in to the server as administrator as I mentioned in the first point. In this case, you must run Group Policy Management as a different user then provide the credential of the administrator account.

group ploicy managment dialog

  • In Group Policy Management Editor > Expand Computer Configuration > Policies > Windows Settings > Security Settings > Local Policies > User Rights Assignment > In the pane details >  Double click on  Allow Log on Locally.

group ploicy managment Editor

  • In Allow log on locally Properties > Click on Add User or Group > Add the new user > Click OK.

Allow Log On Locally Properties

  • Open CMD as administrator.

Run CMD As Administrator

  • Run this command “gpupdate /force” for Policy update.

updatepolicy

  • The login user should be now granted the requested logon type at this computer.

Enjoy 🙂

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s