• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 170
  • Last Modified:

Log on locally appears to be disabled


I'm running into a SQL Server SSIS problem, so I needed to run a program as a plain jane user.   So I created a new user and by default they were added to the "Users" group.. So far so good.

I then tried to login as this user and received the "The local security policy does not allow you to login interactively".

So I logged back in as the local administrator and checked the Local Policies / User Rights Assignment / Log on locally.     And sure enough, my new test user was not there... BUT... The entire box is grey'd out and I can't add or delete any user or group.   I've tested this 3 or 4 times and rebooted, logged in/logged out etc.    Log On as a service is unavailable for changes also.

Any thoughts?

1 Solution
Is this on a domain?  A domain policy might be over-riding your local policy.  Also, your administrator account may not have permissions to edit parts of the security policy.  Check there permissions.
wsaharemAuthor Commented:
Yes, it's on a domain, but I checked 2 other machines in the same domain and they didn't have the same issue.

I'm not sure where to check to see if the administrator has rights for parts of the security policy.

Hi wsaharem,

have you logged on with the local administrator account and tried (not domain admin)

How do you know if your security is working?

Protecting your business doesn’t have to mean sifting through endless alerts and notifications. With WatchGuard Total Security Suite, you can feel confident that your business is secure, meaning you can get back to the things that have been sitting on your to-do list.

wsaharemAuthor Commented:
Yes, when troubleshooting I'm logged in as the local machine administrator.

Have you verified that the other 2 computers you checked are in the same ou as your computer.
Perhaps you are receiving different policies.

If you can look in AD Users and Computers that would be the easiest way
or you can issue this command on the computers to list the applied group policies.
gpresult /scope:computer
wsaharemAuthor Commented:
I'm just went ahead and took a brute force method rather than trying to figure out what the problem was.     I went ahead and removed the computer from the domain which gave me access to the security groups.  I then added the computer back to the domain and still had access to the Local Security Settings \ Log on locally.    

Symptoms fixed
PAQed with points refunded (500)

Community Support Moderator
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Cloud Class® Course: Certified Penetration Testing

This CPTE Certified Penetration Testing Engineer course covers everything you need to know about becoming a Certified Penetration Testing Engineer. Career Path: Professional roles include Ethical Hackers, Security Consultants, System Administrators, and Chief Security Officers.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now