Account Restrictions Are Preventing This User From Signing In



I think the “Log On To” setting within the Account tab of an Active Directory user could easily be overlooked. As simple as this setting is, it’s very easy to forget about it in favor of something more elaborate when attempting to restrict user access to specific computers.

Mar 16, 2020 Fix: Account Restrictions are Preventing this User from Signing in. If the issue is with your Computer or a Laptop you should try using Restoro which can scan the repositories and replace corrupt and missing files. This works in most cases, where the issue is originated due to a system corruption. Managing user accounts and parental controls. A user account allows you to sign in to Windows 10. By default, your computer already has one user account, which you were required to create when setting up Windows for the first time. But if you plan to share your computer, you can create a separate user account for each member of your home or office.

Account Restrictions Are Preventing This User From Signing In
  • 2019/02/22 08:22:16 ERROR 1327 (0x0000052F) Accessing Destination Directory E:PDMDATAPDMVaultTest0000cfa40 Account restrictions are preventing this user from signing in. For example: blank passwords aren't allowed, sign-in.
  • Account restrictions are preventing this user from signing in. For example, blank Passwords are not allowed, sign-in times are limited or a policy restriction has been enforced. Click on Picture for Better Resolution.
  • I cannot 'Sign Out' an AppleID on an IPad Pro (iOS 12.2 16E227). I recently created an AppleID for a child (under 13) to be used on an old IPad mini. I signed into my IPad Pro with the child's AppleID and now I cannot sign out. 'Sign out is not available due to restrictions' and 'Sign Out' is not selectable. I need MY AppleID back on the IPad Pro.

Let’s say you want to allow a vendor access to a few servers in your Active Directory domain. Let’s assume you’ve given them some kind of secure gateway access to your network (VPN, separate vendor Citrix XenApp farm and domain, etc.). How do you restrict them to only the servers they need access to? An old school method would be to create a local Windows account on each server to bypass Active Directory. That way they only have the access they need on each server and have no access to your domain. But an easier method, that only requires one Active Directory user account, is to use the “Log On To” setting.

Restrictions

Log On To — Click to specify workstation logon restrictions that will allow this user to log on only to specified computers in the domain. By default, a user is able to log on at any workstation computer that is joined to the domain. Note that this control does not affect the user’s ability to log on locally to a computer using a local computer account instead of a domain account.

Simply change the “Log On To” setting from the default “All computers” to “The following computers” and then specify the computer name(s). Now the vendor can only login to those specified computers.

Easy. Right?

PROBLEM


Account Restrictions Are Preventing This User From Signing In

The backup fails with a Microsoft VSS Error, 'A problem with Windows Shadow Copy was detected':

Account Restrictions Are Preventing This User From Signing In Ssms


As the error suggests, if you take a look at the Hyper-V VMMS event log (Event Viewer → Application and Services Logs → Microsoft → Windows → Hyper-V-VMMS → Admin), you'll find the following event:

Source: Hyper-V VMMS | Event ID: 10178

Failed to fix-up absolute VHD paths in configuration of virtual machine 'Exchange': Account restrictions are preventing this user from signing in. For example: blank passwords aren't allowed, sign-in times are limited, or a policy restriction has been enforced. (0×8007052F). (Virtual machine ID E26C9A7B-8DDC-4775-AD85-13F2AACF51AF)


Account Restrictions Are Preventing This User From Signing In



CAUSE


Account Restrictions Are Preventing This User From Signing In

This issue occurs because the NT Virtual MachineVirtual Machines special identity does not have the Log on as a Service right on the Hyper-V host computer and thereby VSS isn’t able to run successfully.



SOLUTION

Account restrictions are preventing this user from signing in run as


A User Account Restriction Is Preventing

In order to resolve this error you can go through the methods explained in this Microsoft KB article here: https://support.microsoft.com/en-us/kb/2779204