Feb 16 2004

Print this Post

The local policy of this system does not permit you to logon interactively

If you get this message when trying to access a XP (or 2000 server) system via remote desktop, try the following …

On the remote system, click Start, then Run, type “secpol.msc”, and press enter.

Navigate to “Local Policies”, then select “User Rights Assignment”.

In the list find “Allow logon through Terminal Services” and make sure that “Administrators” and “Remote Desktop Users” are in the list. If they aren’t, click “Add User or Group”, and add the user. Then click “Apply”.

You should be able to access the system remotely.


Skip to comment form

  1. Dave Moehrke

    Exactly. Thank you SO much!!

  2. Kev Saunders

    Just what I needed… Cheers

  3. ErikaT

    I’m having this problem when I try to use remote desktop, but I don’t have either of the settings that are mentioned above. (That is, Admin and Remote Users are allowed for logon, and only ASPNET is denied terminal services.) Any other ideas?


  4. Dick B.

    This same error occurs if Terminal Services access is attempted from a Windows client that has lost its join to a Windows 2000 SBS network with SBS 2000 running Terminal Services in application mode. The Active Directory computer entry looks OK, but you won’t be able to access the client. Rejoining client computer to network fixes this case just fine.

  5. Frank Pauli

    I was not able to access a Windows 2003 Server and I checked the security policy, but it was properly set to allow administrators. Then I noticed the Deny Logon through Terminal Services key and it was set to block Administrators. Deny takes presidence, so when I removed the deny, everything worked fine. Thanks for the help.

  6. Steven

    FINALLY… an actual SOLUTION! Thanks!

  7. arun karthick

    Good job… Thanks

  8. Mark

    Argh.. I’m not able to log in either… re-install? sob.

  9. Chris

    Thank you very much.. Spot On.. Solved my Problem.

  10. david

    Doubtful, Romal. Keep in mind the error I found the solution for was a Remote Desktop login, not a local login.

  11. Romal

    I have the same problem but on a single computer not on a network running win server 2003. Barring a complete re-install is their any other way I can resolve this error.

  12. zillah

    Thanks for that, It solved my problem

  13. Chris

    Thanks, David, worked a trick!

  14. Phil

    Me too ! I was stuck for ages on this problem. Some machines would be fine to connect to and some others were impenetrable ! Nobody from IS could resolve that and MS technote 289289 is of course not solving anything at all ! Thanks a lot !!!

  15. Slayer

    Thanks for the tip. Worked perfectly.

  16. david

    Re-install? Seriously, if you can’t logon, the best thing you can do as far as I know is to re-install windows and hope you haven’t encrypted any data on your drive.

  17. Eze

    So what do I do if i cannot log on windows in any way whatsoever?
    How change user rights?

Comments have been disabled.