Sign in with Microsoft
Sign in or create an account.
Hello,
Select a different account.
You have multiple accounts
Choose the account you want to sign in with.

Symptoms

If you are not an administrator and try to use the Remote Desktop Connection tool, you may receive the following error message:

The local policy of this system does not permit you to logon interactively.

Cause

This issue occurs because the user account is not a member of the local Remote Desktop Users group.

Resolution

To have us resolve this issue for you, go to the "Fix it for me" section. If you prefer to fix this problem yourself, go to the "Let me fix it myself" section.

Fix it for me



To fix this problem automatically, click the Fix it button or link. Click Run in the File Download dialog box, and follow the steps in the Fix it wizard.



Notes

  • Type the user account in the Users box during the installation of the Fix it solution.

  • To add a domain user account to the local Remote Desktop Users group, use the following format:
    Domain\Username

  • To add a local user account to the local Remote Desktop Users group, use the following format:
    Username or .\Username

  • To add multiple user accounts to the local Remote Desktop Users group,use the semicolon(;) character as the separator.For example:
    Username1;Username2

  • This wizard may be in English only. However, the automatic fix also works for other language versions of Windows.

  • If you are not using the computer that has the problem, save the Fix it solution to a flash drive or a CD and then run it on the computer that has the problem.


Then, go to the "Did this fix the problem?" section.



Let me fix it myself

To resolve this issue, add allowed users to the Remote Desktop Users list:

  1. Click Start, point to Settings, and then click Control Panel.

  2. Double-click System, and then on the Remote tab, click Select Remote Users.

  3. Click Add type in the user account name, and then click OK.

    If you are adding more than one user name, use a semicolon to separate the names.

Note: Adding users to the Remote Desktop Group requires that you are logged on through an administrator account.


Also, make sure that the Remote Desktop Users group has sufficient permissions to log on through Terminal Services. To do this, follow these steps:

  1. Click Start, click Run, type secpol.msc, and then click OK.

  2. Expand Local Policies, and then click User Rights Assignment.

  3. In the right pane, double-click Allow logon through Terminal Services. Make sure that the Remote Desktop Users group is listed.

  4. Click OK.

  5. In the right pane, double-click Deny logon through Terminal Services. Make sure that the Remote Desktop Users group is not listed, and then click OK.

  6. Close the Local Security Settings snap-in.


Did this fix the problem?

  • Check whether the problem is fixed. If the problem is fixed, you are finished with this section. If the problem is not fixed, you can contact support.

  • We would appreciate your feedback. To provide feedback or to report any issues with this solution, please leave a comment on the "Fix it for me" blog or send us an
    email.

Need more help?

Want more options?

Explore subscription benefits, browse training courses, learn how to secure your device, and more.

Communities help you ask and answer questions, give feedback, and hear from experts with rich knowledge.

Was this information helpful?

What affected your experience?
By pressing submit, your feedback will be used to improve Microsoft products and services. Your IT admin will be able to collect this data. Privacy Statement.

Thank you for your feedback!

×