Local Security Policy Configuration

User Authentication

For server user authentication to work, the server must be able to create user–specific subprocesses with the credentials specified. Windows allows this only if certain Windows Security settings are set on the PC running the server.

When running the server exclusively as a Windows service, use the default account of SYSTEM. Changes might not be needed if the SYSTEM account has all the required privileges set.

Configure User Accounts

The user account running the server must be in the Administrators group. To access the Administrators Group;

Select Start Settings Control Panel User Accounts Users.
Select the user account running the server.

If you are on a domain, it appears as the domain name in the Domain column. Select the domain-level user account.
Properties Group Membership Other.
Open the pull-down list and select Administrators.
Click OK to close the Group Membership tab.
If prompted to log off, click Cancel.
Enable the following User Rights for the Administrators Group:
1. Act as part of the operating system.
2. Adjust memory quotas for a process.
3. Replace a process level token.
To verify or update these rights, select StartControl PanelAdministrative ToolsLocal Security PolicyUser Rights Assignment.
In the Security Settings pane, open Local Policies User Rights Assignment.
In the Policy column, open the user right to be changed and add Administrators.

Ensure there is an "s" at the end of Administrators. Administrator (singular) is a specific user account.
Repeat the sequence for each of the user rights.
Verify that the Administrators group has been added to each of the three user rights, as indicated previously.
Add the Authenticated Users group to the Log on as batch job user right.
Log off and log back in for the changes to take effect.