FIX: Account is not authorized for remote login by Bas Wijdenes

The connection was denied because the user account is not authorized for remote login.

First of all, I want to mention that I received this message within Azure AD DS, but that the manual is generic and can also help you if you encounter this error message. The point is that you cannot log in with a domain account on a device that is also domain joined.

After my previous post about an error message within Azure Active Directory Domain Services I ran into a problem again. It is always nice when you encounter small problems in a developer environment, so you can avoid them in production…

Normally as a domain admin you should not run into this problem on servers that are added to the domain, but apparently if you add a server to Azure AD DS.

As described above, this may well be the case for notebooks or other devices.

The error message:

The connection was denied because the user account is not authorized for remote login.
The connection was denied because the user account is not authorized for remote login.

Let’s fix “The Connection was denied because the user account is not authorized for remote login.

The manual is divided into a short and long guide. The short guide is for system administrators and if you do not have experience with troubleshooting you can better follow the long guide.

The short guide..

  1. Press Control + R
  2. Type in lusrmgr.msc
  3. Go to Groups and open Administrators
  4. Add new user and search in your Azure AD Domain Services
  5. Login with administrator credentials in Azure AD Domain Services
  6. Add the administrator or group to administrators.

The longer guide..

Below is a longer tutorial for those who don’t understand the short guide.

Right click start > Run, or press Control + R.
You can also search for lusrmgr.msc in start.
Below I used CTRL + R.

The Connection was denied because the user account is not authorized for remote login
Search for lusrmgr.msc

Go to Groups and double-click Administrator.

The Connection was denied because the user account is not authorized for remote login.
Open groups and double-click Administrators

Click Add…

If the server is correctly domain-joined in Azure AD Domain Services then you should be able to search directly in the domain, you will only have to enter the administrator credentials of your Azure AD Domain.

The Connection was denied because the user account is not authorized for remote login.
Add domain user

You should be able to log on your Azure AD Domain joined server with your domain admin account.

Published by

Bas Wijdenes

My name is Bas Wijdenes and I work as a PowerShell Automation Engineer @ Wortell.

Leave a Reply

Your email address will not be published. Required fields are marked *