The Group Policy client service failed the logon

If you try to login to a client or server system and you get this error message below:

“the group policy client service failed the logon.Access Denied”

 

 

 

 

 

 

 

Do the following to fix it:

1. Logon to the machine with a machine administrator account (assuming this issue is with a domain account, if not logon to the machine using another account with administrative privilege).
2. Move the machine to a workgroup from domain. (If it was part of one workgroup then change it to another one or join a domain.) You could do this through Control Panel\System and Security\System and then Change Settings.
3. Restart the machine and logon with a machine administrator account.
4. Delete your user profile data (or move it a different location) completely from c:\users. “C” in my case is system directory but if you have a different one then use that one.
5. Join the machine back to domain account (or to workgroup that the machine was originally joined to), and restart the machine.
6. Logon with your domain account that you were having trouble with. Keep fingers crossed.
7. If all goes well, you should be logged on.

Case select you will be logged on with a temporary user profile:

1. Login with Administrator account on the local machine.
2. Open Regedit.
3. Navigate to HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList
4. There should be a multitude of Registry keys inside the ProfileList and search for two identical ones which are differentiated by the .bak extension (e.g. xxxxxx1234.bak & xxxxxx1234).
5. The Registry key with the .bak extension contains the user’s actual profile while the one without the .bak contains the Temp profile.
6. Delete the Registry Key WITHOUT the .bak extension and rename the one with it to xxxxx1234 (without the .bak). Notice the fields on the right, there should be a value named RefCount, change the value to 0.