Group Policy Error, You do not have permission to perform this operation, Details: Access Denied

Benard Mwanza 996 Reputation points
2022-05-06T08:04:48.737+00:00

Hello,

I receive a pop up error message window when I try to open local group policy editor in windows 10 device. The windows 10 device is domain joined to windows Active Directory(windows server 2012) I'm currently logged in to windows 10 device using a domain user account

The pop up error windows simply states:

Group policy error, You do not have permission to perform this operation. Details: Access Denied.

This issue is usually present even when i set up a new active directory running any windows server version, By default opening local group policy editor from the client devices joined to the domain i get that error. Is it a default behavior of group policy in AD environment, or is a group policy that i need to set up so as to allow local users to open local group policy editor.

Windows 10
Windows 10
A Microsoft operating system that runs on personal computers and tablets.
10,611 questions
Windows
Windows
A family of Microsoft operating systems that run across personal computers, tablets, laptops, phones, internet of things devices, self-contained mixed reality headsets, large collaboration screens, and other devices.
4,741 questions
Windows Server
Windows Server
A family of Microsoft server operating systems that support enterprise-level management, data storage, applications, and communications.
12,118 questions
Active Directory
Active Directory
A set of directory-based technologies included in Windows Server.
5,847 questions
0 comments
Accepted answer
  1. Gary Reynolds 9,391 Reputation points
    2022-05-10T16:55:45.247+00:00

    The account needs to be a member of the local administrators you run gpedit and also make sure you are running gpedit with run as administrator option.

    Gary.

    1 person found this answer helpful.

1 additional answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Limitless Technology 39,351 Reputation points
    2022-05-11T07:27:09.53+00:00

    Hi there,

    Yes, it is the default behavior of the local group policy editor on the Windows 10 device that the domain user account cannot open. Make sure you are using the Administrator account, if you are using a Domain network, make sure you are having admin access.

    If you don’t have admin access contact your IT administrator to get the Delegate Permissions for Group Policy. The below article describes procedures for an administrator to delegate permissions to others using the GPMC so that they can perform some Group Policy administrative tasks.

    How to delegate permissions for a group or user on a Group Policy Object https://learn.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/dn789195(v=ws.11)

    ------------------------------------------------------------------------------------------------------------------------------------------------------

    --If the reply is helpful, please Upvote and Accept it as an answer–

    0 comments