Skip to main content

How can we help you?

Druva Documentation

Full VM Restore failing with an error “Logon failure: The user has not been granted the requested logon type at this computer. (0x80070569)”

 

Problem description

This article describes a specific problem that occurs when a Hyper-V VM full VM restore fails with a Hyperv11 error because permissions are not present on the Hyper-V host.

Cause

Hyper-V host does not have “NT Virtual Machine\Virtual Machines” added in “Log on as a service” in Local Group Policy.

Traceback

[2023-01-03 12:17:56,677] [ERROR] <_MainThread(MainThread)> SyncError: Failed to import a virtual machine.

The Hyper-V Virtual Machine Management service encountered an unexpected error: Logon failure: the user has not been granted the requested logon type at this computer. (0x80070569). (#10009000b : 32768) (Error Code : HYPERV11)

Resolution

Take the following steps on the Hyper-V host machine:

  1. Sign in to the machine as a Domain Administrator.

  2. To verify the same open Local Group Policy Editor and follow the below navigation:
    Computer Configuration - Windows Settings - Security Settings - Local Policies - User Rights Assignments - Right click on Log on as a service and verify if “NT Virtual Machine\Virtual Machines” is visible there.


 

  1. In case, it is not there either you can Install the Group Policy Management feature from the Server Manager console or proceed with the step 7,8,9 .

  2. After installation, open the GPMC MMC snap-in and browse to the policy that manages User Rights.

  3. Edit the policy to include NT Virtual Machine\Virtual Machines in the entries for Log on as a service.

  4. Close the policy editor. Run gpupdate /force on the Hyper-V host computer to refresh policy. You may need to wait several minutes for Active Directory replication to occur.

  5. Connect to one of the Domain Controllers and open the GPMC MMC snap-in (gpmc.msc) and browse to the policy that manages User Rights. (Default Domain Policy - Right click and edit the same.

  6. It will open GPEDIT.msc from there you have to follow the below navigation to make the changes: Computer Configuration - Policies - Windows Settings - Security Settings - Local Policies - User Rights Assignments - Right click on Log on as a service)

  7. Go to properties and Click on Add Groups and add it with the NT Virtual Machine\Virtual Machines or its SID ID “S-1-5-83-0”