Network

Error 1385: The user has not been granted the requested logon type at this time

requestedlogon

Logon Types are logged in the Logon Type field of logon events for every successful and failed logon. These events appear in the Windows event log and help in analyzing the various logon types. The following logon types are supported in the Windows environment which is a total of nine different types of logons. Kindly refer to some other guides I have written: How to enable or disable BitLocker Drive Encryption on Windows 10 and Virtual Machines, how to uninstall your current version of MBAM and run setup again, how to clear, enable or disable TPM in Windows via the BIOS or UEFI, how to enable Bitlocker Pre-Boot Authentication via the Group Policy, and BitLocker Drive Encryption architecture and implementation types on Windows

This error could also occur, if the user does not have the appropriate console logon rights. Please refer to the solutions provided on how to fix this issue, depending on whether the error is encountered during logon to a domain controller or to other Windows PCs. Kindley refer to the following guide: Logon types: The different Windows Logon Types.
Screenshot-2021-09-13-at-21.01.32

Possible cause

This can happen if the desktop policy titled Access this computer from the network has been modified from the default values and that the users and groups listed in this policy no longer contain the user or group entries for the particular user logging on. This normally won’t happen as the default values for this policy include “Users” and “Everyone” access groups.

Possible Solution

To resolve this issue, edit the Access this computer from the network local policy on the desktop to restore the “Users” access group or add one or more user and group values to provide the required access.

Screenshot-2021-09-13-at-21.02.10

right-click on Access this computer from the network>Properties>Add Users or Groups, add everyone if not added before.
– As you can see it has been added before.
– Ensure that Deny logon locally is not applied to the same users/groups.

Alternatively this can be configured using Group Policy.These configuration settings are found under Computer Configuration > Windows Settings> Security Settings > Local Policies > User Rights Assignment.

  • Make sure that you are login to the current machine with the administrator account, then run gpedit.msc as Administrator.
  • Or try to run gpedit.msc as a different user, then provide the administrator credentials
  • Don’t forget to perform “gpupdate /force”” in command prompt for Policy update.
Screenshot-2021-09-13-at-21.09.40

Administrative Tools>Local Security Settings>Local Policies>User Rights Assignment, right-click on Access this computer from the network>Properties>Add Users or Groups, add everyone if not added before.
– As you can see it has been added before.
– Ensure that Deny logon locally is not applied to the same users/groups.

What could be the error?

This issue can occur if the user does not have the appropriate console logon rights. It is a domain controller, and there are admin policy restrictions on the server. The user account was a regular account and as such could not run the application. I switched to a different server to reproduce this and was able to perform the operation which failed previously.

Screenshot-2021-09-13-at-21.25.42

I hope you found this blog post helpful. If you have any questions, please let me know in the comment session.

Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments
0
Would love your thoughts, please comment.x
()
x