diff --git a/dll/win32/syssetup/security.c b/dll/win32/syssetup/security.c
index 0bf4167ebc0..2ac2c3a4917 100644
--- a/dll/win32/syssetup/security.c
+++ b/dll/win32/syssetup/security.c
@@ -282,7 +282,8 @@ InstallPrivileges(
     PSID AccountSid = NULL;
     NTSTATUS Status;
     LSA_HANDLE PolicyHandle = NULL;
-    LSA_UNICODE_STRING RightString;
+    LSA_UNICODE_STRING RightString, AccountName;
+    PLSA_REFERENCED_DOMAIN_LIST ReferencedDomains = NULL;
     PLSA_TRANSLATED_SID2 Sids = NULL;
 
     DPRINT("InstallPrivileges()\n");
@@ -351,8 +352,33 @@ InstallPrivileges(
             else
             {
                 DPRINT("Account name: %S\n", szSidString);
-                continue;
- 
+
+                ReferencedDomains = NULL;
+                Sids = NULL;
+                RtlInitUnicodeString(&AccountName, szSidString);
+                Status = LsaLookupNames2(PolicyHandle,
+                                         0,
+                                         1,
+                                         &AccountName,
+                                         &ReferencedDomains,
+                                         &Sids);
+                if (ReferencedDomains != NULL)
+                {
+                    LsaFreeMemory(ReferencedDomains);
+                }
+
+                if (!NT_SUCCESS(Status))
+                {
+                    DPRINT1("LsaLookupNames2() failed (Status 0x%08lx)\n", Status);
+
+                    if (Sids != NULL)
+                    {
+                        LsaFreeMemory(Sids);
+                        Sids = NULL;
+                    }
+
+                    continue;
+                }
             }
 
             RtlInitUnicodeString(&RightString, szPrivilegeString);
diff --git a/media/inf/defltwk.inf b/media/inf/defltwk.inf
index d23b0d861ea..5aa1acf4b48 100644
--- a/media/inf/defltwk.inf
+++ b/media/inf/defltwk.inf
@@ -42,7 +42,7 @@ SeEnableDelegationPrivilege =
 SeImpersonatePrivilege = *S-1-5-6, *S-1-5-32-544
 SeIncreaseBasePriorityPrivilege = *S-1-5-32-544
 SeIncreaseQuotaPrivilege = *S-1-5-19, *S-1-5-20, *S-1-5-32-544
-SeInteractiveLogonRight = *S-1-5-32-544, *S-1-5-32-545, *S-1-5-32-547, *S-1-5-32-551
+SeInteractiveLogonRight = *S-1-5-32-544, *S-1-5-32-545, *S-1-5-32-547, *S-1-5-32-551, %SceInfGuest%
 SeLoadDriverPrivilege = *S-1-5-32-544
 SeLockMemoryPrivilege =
 SeMachineAccountPrivilege =
@@ -78,4 +78,10 @@ MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System\DontDisplayLas
 MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System\LegalNoticeCaption = 1, ""
 MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System\LegalNoticeText = 7, ""
 MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System\ShutdownWithoutLogon = 4, 1
-MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System\UndockWithoutLogon = 4, 1
\ No newline at end of file
+MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System\UndockWithoutLogon = 4, 1
+
+[Strings]
+SceInfGuest = "Guest"
+
+[Strings.0407]
+SceInfGuest = "Gast"