You do not have permissions to access the local service on a WORKGROUP
When attempting to connect to the local service on a machine that is a member of a WORKGROUP the connection fails with the following error, even though the user is a member of the Administrators group.
You do not have permissions to access the local service.
This can be caused by the User Access Control (UAC) settings on the WORKGROUP machine which removes Administrator privileges from remote user accounts by default.
There are two options to resolve this issue.
- Enable diagnostics logging on the machine running the local service to confirm the account name that is being evaluated - for example
Access denied for user 'CORP-SRV01\adminaccount'.
Explicitly add the user account to the access list setting in the Group Policy settings.
- or -
- Change the following registry key
LocalAccountTokenFilterPolicy = 1
WARNING: This change affects the security level.
For more information see the Access is denied scanning WORKGROUP machines article.