Why am I getting network access denied errors with code 65 or 41 when applying audit policies?

Why am I getting network access denied errors with code 65 or 41 when applying audit policies?

In this article:  

  • Issue description

  • Prerequisites

  • Possible causes

  • Resolution

  • Related topics and articles

  • How to reach support

Issue description  

While applying audit policies in ADAudit Plus, users may encounter one of the following errors:

  • Error Code 65: Network Access Denied

  • Error Code 41: Network Access Denied

These errors indicate that ADAudit Plus is unable to access the SysVol folder on the primary domain controller (PDC) due to insufficient permissions for the configured account.

Prerequisites  

  • The ADAudit Plus service account is correctly configured under Domain Settings.

  • You have administrative access to modify group policies and folder permissions on the PDC.

  • Windows Firewall and UNC path policies are not blocking access to the SysVol share.

Possible causes  

  • The ADAudit Plus service account does not have read/write access to the SysVol share.

  • The target machine or PDC has UNC path hardening policies enabled that block access.

  • Group Policy Objects (GPOs) cannot be applied due to file system-level access denial.

Resolution  

Resolution 1: Verify and grant permissions on the SysVol share  

Step 1: Map the SysVol share using the ADAudit Plus account  

  1. On the ADAudit Plus server, open File Explorer.

  2. Go to This PC > Map network drive.

  3. Enter the path: \\<PDC-Name>\SysVol\<Domain-Name>\Policies\

  4. Select Connect using different credentials and log in using the ADAudit Plus service account.

Step 2: Test access  

  • Try to create and delete a test folder or file in the Policies directory.

  • If access is denied, modify permissions on the PDC to allow read/write access to the service account.

This is a common resolution for Error Code 65 and 41 in restrictive environments.

Resolution 2: Enable hardened UNC paths policy  

  1. Press Start, type gpedit.msc, and press Enter to open the Local Group Policy Editor.

  2. Navigate to Computer Configuration > Administrative Templates > Network > Network Provider.

  3. Double-click Hardened UNC Paths and set it to Enabled.

  4. Under the policy configuration, add the following entry:

    1. \\*\SYSVOL - RequireMutualAuthentication=0,RequireIntegrity=0,RequirePrivacy=0

  5. Apply the changes and run gpupdate /force or restart the system to apply the updated policy.

Related topics and articles  

How to reach support  

If you continue facing access issues even after applying the recommended resolutions, contact our support team for further assistance:


      New to M365 Manager Plus?
      New to M365 Manager Plus?
        New to RecoveryManager Plus?
        New to RecoveryManager Plus?
          New to Exchange Reporter Plus?
          New to Exchange Reporter Plus?
            New to SharePoint Manager Plus?
            New to SharePoint Manager Plus?
                See all integrations
                New to ADManager Plus?
                See all integrations
                New to ADManager Plus?

                  New to ADSelfService Plus?

                  Start your free trial
                  Start your free trial

                      Related Products