"Account Restrictions are Preventing this User from Signing in". Repair

The error message “Account restrictions are preventing this user from signing in” typically occurs when the user fails to set up a Remote Desktop Connection. Users commonly encounter this issue on Windows Server 2012 or higher versions. The problem often arises from a specific Windows Group Policy setup that restricts the transfer of login credentials to the remote workstation. However, some users have reported that the problem may be caused by expired or blank passwords. While this could be the case, there may be other sources contributing to the problem.

“I just tried on Server 2019, and it gave me an “Account Restrictions are preventing this user from signing in…” error. However, RDP’ing with the plaintext password worked. Changing the hash to an invalid value yields an authentication error,” writes Twitter follower @DukezDad. [source]

Security administrators and other groups have increasingly been utilizing Remote Desktop Connections. However, like any program, errors can occur, including with Remote Desktop Connections. Fortunately, there are steps you can take to quickly and easily resolve these issues, as outlined below.

This Article Contains:

What is the reason for the “Account Restrictions are Preventing this User from Signing in” Error Alert?

This error notification can be the result of various scenarios, nevertheless, the following events might be the cause most frequently —

Windows Group Policy¹: Windows policies control certain actions that your operating system implements. The error alert might pop up because of a certain Windows Group Policy which prevents the Remote Desktop Client from conveying the sign-in details to the remote host. Deactivating the policy could resolve the trouble.
No Password: In certain instances, the error alert can also happen when the user account for setting a remote connection isn’t protected by a password. In this case, you will have to either establish a password or simply deactivate this policy.

Now that you have a clear understanding of the potential reasons for the error notification, you can fix your trouble by means of the remedies set forth below.

Method 1: Deactivating Windows Group Policy

As already stated before, there is a special security policy that does not let the Remote Desktop Client convey the supplied credentials. This policy, nevertheless, might result in the said error alert in certain scenarios. Hence, to eliminate the error alert and be capable of setting a connection, you will have to deactivate it. This is how to make it possible:

Use the Windows Key + R hotkey to start the Run dialog box.
Specify “gpedit.msc” in the search field and then press Enter.
As soon as the Windows Local Group Policy Editor comes up, proceed to the below-said directory:
```
Computer Configuration > Administrative Templates > System > Credentials Delegation
```
At this point, in the right-hand section, find the “Restrict delegation of credentials to the remote servers” policy.
Double-click it to amend it. Define it to Disabled, select Apply and then choose OK.
Deactivating the Security Policy
Inspect whether it resolves the problem.

Also consider reading: Hacked Facebook account. How do I Fix?.

Method 2: Defining a Password

The error notification can also come up when the user account that you are applying isn’t secured by any password at all. Hence, in order to resolve the trouble, you will need to establish a password and then inspect whether it resolves the problem. Otherwise, you will need to provide a password every time you would like to sign-in. Nevertheless, if you would like to, you can bypass this long process by just deactivating a Windows Group Policy. This is how to make it possible:

Start the Local Group Policy Editor as displayed above.

Proceed to the below-given location:

Computer Configuration > Windows Settings > Security Settings > Local Policies > Security Options

In the right-hand section, you have to find the “Accounts: Limit local account use of blank passwords to console logon only” policy.
Double-click to amend it and then simply define it to Disabled.
Disabled Local Group Policy
Choose Apply and then OK.

Robert Bailey

IT Security Expert

It is better to prevent, than repair and repent!

When we talk about the intrusion of unfamiliar programs into your computer's work, the proverb "Forewarned is forearmed" describes the situation as accurately as possible. Gridinsoft Anti-Malware is exactly the tool that is always useful to have in your armory: fast, efficient, up-to-date. It is appropriate to use it as an emergency help at the slightest suspicion of infection.

DOWNLOAD NOW

Gridinsoft Anti-Malware 6-day trial available.
EULA | Privacy Policy | 10% Off Coupon

Subscribe to our Telegram channel to be the first to know about news and our exclusive materials on information security.

Sending

User Review

5 (1 vote)

Comments Rating 0 (0 reviews)

References

Group Policy: https://en.wikipedia.org/wiki/Group_Policy

Article

"Account Restrictions are Preventing this User from Signing in". Repair

Description

The error notification “Account restrictions are preventing this user from signing in” normally comes up in times when a customer is not capable of setting a Remote Desktop Connection to a target system by applying the Windows Server 2012 or higher versions.

Author

Robert Bailey (robert)

HowToFix.Guide