Background:
Office client workstation will not connect to the server
error: Logon Failure: the user has not been granted the requested logon type at this computer

workstation can ping server and vice versa, workstation can see server but cant connect.
Same error on server when trying to access the workstation

Investigations:
Checking the server and theres a error in the logs:
Windows cannot query for the list of group policy objects.
Checking the Domain controller security policy -> security settings -> Local Policies -> User rights assignment I see that the policy 'Access this computer from the network' is blank. This I would expect to be populated (unless I'm mistaken) with Admin, aspnet,backup,everyone, power users, users etc. When adding these and applying the polciy change I get the following error:

Security Templates: An extended error has occurred, failed to save
\\school_name.admin\sysvol\school_name.admin\Polic ies\.....

Thinking that the security database might be corrupy I've ran esentutl /g on %windir%\security\database\secedit.sdb but this comes up clean.

Anyone got an ideas what I can try next? THANKS