Last updated on September 5th, 2018
This tutorial contains instructions to resolve the following problem: Unable to add roles and features on Server 2016 or Server 2012 with error: "Feature installation Failed: The request to add or remove features on the specified server failed. The operation cannot be completed, because the server that you specified requires a restart".
As a result of the above error, we were unable to install roles and features on the Server, because the problem remained even after restarting the server and installing the latest updates.
At the same time in the Event Viewer (Windows Logs > System) the following error was recorded:
"Event 7041: Service Control Manager.
The MSSQL$MICROSOFT##WID service was unable to log on as NT SERVICE\MSSQL$MICROSOFT##WID with the currently configured password due to the following error:
Logon failure: the user has not been granted the requested logon type at this computer.
Domain and account: NT SERVICE\MSSQL$MICROSOFT##WID
This service account does not have the required user right "Log on as a service."
Assign "Log on as a service" to the service account on this computer. You can use Local Security Settings (Secpol.msc) to do this. If this computer is a node in a cluster, check that this user right is assigned to the Cluster service account on all nodes in the cluster.
If you have already assigned this user right to the service account, and the user right appears to be removed, check with your domain administrator to find out if a Group Policy object associated with this node might be removing the right."
How to fix: Cannot Add Roles and Features on Server 2016 or 2012, because the Server Requires Restart.
To resolve the Feature Installation error "The request to add or remove features on the specified server failed, because the server requires a restart", proceed and assign the "Log on as a service" user right to "NT SERVICE\ALL SERVICES" & to "NT SERVICE\MSSQL$MICROSOFT##WID".
Case A. If your Server is part of a Domain, then proceed and modify the Default Domain Policy as follows:
3. In Group Policy Management go to:
- Forest –> Domains –> "Your Domain Name" –> Domain Controllers.
3a. Right click at Default Domain Controller Policy and select Edit.
5. Proceed to Step–4 below…
Case B. If your Server is a Local Server then proceed and modify the Local Group Policy as follows:
3. In Local Group Policy Editor, go to:
- Computer Configuration –> Windows Settings –> Security Settings –> Local Policies –> User Rights Assignment
4. Now, double click at Log as a service item.
5. Click on Add User or Group button.
6. Type NT SERVICE\ALL SERVICES and click OK. *
* Read this Note if you are having trouble when adding the account.
7. At the main window, click OK and then close the Group Policy Editor.
8. Now open Command Prompt as Administrator and give the following command to update the group policy.
- gpupdate /force
9. Reboot your server.
10. After the restart, open the Group Policy Management, and go again to User Rights Assignments.
11. Double click at Log as a service item and click Add User or Group.
12. Type NT SERVICE\MSSQL$MICROSOFT##WID and click OK. *
* Note: If you cannot add the "NT SERVICE\MSSQL$MICROSOFT##WID" or the "NT SERVICE\ALL SERVICES" account to 'Log on as service' item, then:
1. Add the "Everyone" (without quotes), to log as service.
2. Reboot the server.
3. Add the "NT SERVICE\ALL SERVICES" & the "NT SERVICE\MSSQL$MICROSOFT##WID" users to log as service.
4. Run gpupdate /force
5. Reboot the server
6. Remove "Everyone" from the log on as service.
7. Proceed to Add Roles and Features. on the Server.
13. Click OK again and then close the Group Policy Editor.
14. Open Command Prompt as Administrator and give the following command to update the group policy.
- gpupdate /force
15. Reboot your server.
16. After the restart, try to install Roles and Features.
That's it! Let me know if this guide has helped you by leaving your comment about your experience. Please like and share this guide to help others.