Advertisement

06.07.2006 at 02:20PM PDT, ID: 21878573
[x]
Attachment Details
[x]
The Solution Rating System

With so many solutions, how can you tell which solutions are most likely to help you and which ones are not? To provide you with a tool to use, we rate our solutions based on various elements that most accurately determine if a solution is a quality solution. To explain what factors affect the solution rating, here are the elements we take into consideration when formulating our solution rating.

  • The Grade of the Solution
  • The Zone Rank of the Expert Providing the Solution
  • The Number of Author and Expert Comments
  • The Number of Experts Contributing
  • The Feedback of the Community

Your Input Matters
Because of the way the system is set up, the most important variable in this equation is you. As a member of Experts Exchange, you are able to cast your vote on the quality of the solutions in regard to how complete, accurate, helpful and easy to understand each solution is. When you provide your feedback, each rating is adjusted accordingly. So, if you see a solution that has a poor rating that you think is a good solution, let us know by rating it. As you do, the rating will be adjusted and will become more accurate for other members of our site.

If you have any suggestions that you would like to make for our rating system, please ask a question in the Suggestions Zone of Community Support.

Thank you!
6.2
Must Have Terminal Server User Access Permissions--Error
Zone: Citrix
Tags: terminal, server, user, access, must
Presentation Server 4.0 running on Server 2003 SP1 also is our Terminal Server License Server.  We have 3 remote locations connected via site-to-site VPN’s.  DC is 2000 SBS.  One clarification I need to make is, I installed Citrix on the remote client before the site-to-site VPN was working.

The Citrix icon on the task bar shows “Citrix Program Neighborhood – Not Connected”

I used the “Custom ICA Connection” in Program Neighborhood and created a Connect By Published Application session.  When I tried the connection, it errored out (see error below); didn’t matter if I logged on as admin or user.  I have made sure that the users belong to Remote Desktop Users group AND Allow log on Trough Terminal Services rights are assigned.  I have also made sure permissions are set through Connections in Terminal Services Configuration (both Microsoft RDP and Citrix ICA 3.0), also Citrix Connection Configuration (which looks like the same thing to me).  From the Citrix Management Console, I have set the farm “Connection Access Control” property to “any connection”, the published application “Access Control” property to “Allow connection through Metaframe…”, “Any connection”, and “Allow all other connections”.  

ERROR DIALOG
“To log on to this remote computer, you must have Terminal Server User Access permissions on this computer. By default members of the Remote Desktop Users group have these permissions. If you are not a member of the Remote Desktop Users group or another group another group that has these permissions, you must be granted these permissions manually.”

Folks this is betting the snot out of me!


I used the “Custom ICA Connection” in Program Neighborhood and created a Connect By Server session.  When I connect with admin rights it brings up a RDP session just fine, but if I try to loin to the domain as a domain user I get two error dialogs.
ERROR DIALOGS
1.The desktop you are trying to open is currently available only to administrators. Contact your administrator to confirm that the settings are in place for your client connection.
2.To log on to this remote computer, you must have Terminal Server User Access permissions on this computer. By default members of the Remote Desktop Users group have these permissions. If you are not a member of the Remote Desktop Users group or another group another group that has these permissions, you must be granted these permissions manually.

Help me…Please
Start your free trial to view this solution
Question Stats
Zone: Networking
Question Asked By: bit_ter
Solution Provided By: bjlillo
Participating Experts: 4
Solution Grade: A
Views: 285
Translate:
Loading Advertisement...
06.07.2006 at 02:31PM PDT, ID: 16856796
krais99:

All comments and solutions are available to Premium Service Members only.

Start your 7 day free trial and see for yourself why Experts Exchange is the easiest and most proven technology resource in the world. Get Started

Already a member? Login to view this solution.

 
06.07.2006 at 03:45PM PDT, ID: 16857412
bit_ter:

All comments and solutions are available to Premium Service Members only.

Start your 7 day free trial and see for yourself why Experts Exchange is the easiest and most proven technology resource in the world. Get Started

Already a member? Login to view this solution.

 
06.07.2006 at 10:16PM PDT, ID: 16858784

Rank: Sage

mgcIT:

All comments and solutions are available to Premium Service Members only.

Start your 7 day free trial and see for yourself why Experts Exchange is the easiest and most proven technology resource in the world. Get Started

Already a member? Login to view this solution.

 
06.08.2006 at 08:01AM PDT, ID: 16862010
bit_ter:

All comments and solutions are available to Premium Service Members only.

Start your 7 day free trial and see for yourself why Experts Exchange is the easiest and most proven technology resource in the world. Get Started

Already a member? Login to view this solution.

 
06.08.2006 at 08:40AM PDT, ID: 16862404

Rank: Sage

mgcIT:

All comments and solutions are available to Premium Service Members only.

Start your 7 day free trial and see for yourself why Experts Exchange is the easiest and most proven technology resource in the world. Get Started

Already a member? Login to view this solution.

 
06.09.2006 at 08:30AM PDT, ID: 16871186
bit_ter:

All comments and solutions are available to Premium Service Members only.

Start your 7 day free trial and see for yourself why Experts Exchange is the easiest and most proven technology resource in the world. Get Started

Already a member? Login to view this solution.

 
06.10.2006 at 02:36PM PDT, ID: 16878561

Rank: Master

gsgi:

All comments and solutions are available to Premium Service Members only.

Start your 7 day free trial and see for yourself why Experts Exchange is the easiest and most proven technology resource in the world. Get Started

Already a member? Login to view this solution.

 
06.14.2006 at 09:09AM PDT, ID: 16903988
bit_ter:

All comments and solutions are available to Premium Service Members only.

Start your 7 day free trial and see for yourself why Experts Exchange is the easiest and most proven technology resource in the world. Get Started

Already a member? Login to view this solution.

 
06.16.2006 at 08:11AM PDT, ID: 16920915
bjlillo:

All comments and solutions are available to Premium Service Members only.

Start your 7 day free trial and see for yourself why Experts Exchange is the easiest and most proven technology resource in the world. Get Started

Already a member? Login to view this solution.

 
06.16.2006 at 01:04PM PDT, ID: 16923263
bit_ter:

All comments and solutions are available to Premium Service Members only.

Start your 7 day free trial and see for yourself why Experts Exchange is the easiest and most proven technology resource in the world. Get Started

Already a member? Login to view this solution.

 
06.16.2006 at 01:44PM PDT, ID: 16923552
bjlillo:

All comments and solutions are available to Premium Service Members only.

Start your 7 day free trial and see for yourself why Experts Exchange is the easiest and most proven technology resource in the world. Get Started

Already a member? Login to view this solution.

 
09.25.2006 at 11:59AM PDT, ID: 17595137
Venabili:

All comments and solutions are available to Premium Service Members only.

Start your 7 day free trial and see for yourself why Experts Exchange is the easiest and most proven technology resource in the world. Get Started

Already a member? Login to view this solution.

 
10.02.2006 at 03:39PM PDT, ID: 17647726
Venabili:

All comments and solutions are available to Premium Service Members only.

Start your 7 day free trial and see for yourself why Experts Exchange is the easiest and most proven technology resource in the world. Get Started

Already a member? Login to view this solution.

 
10.07.2006 at 03:05AM PDT, ID: 17682020
CetusMOD:

All comments and solutions are available to Premium Service Members only.

Start your 7 day free trial and see for yourself why Experts Exchange is the easiest and most proven technology resource in the world. Get Started

Already a member? Login to view this solution.

 
 
Loading Advertisement...
Microsoft
  • Internet Protocols
  • Applications
  • Development
  • OS
  • Hardware
  • Windows Security
Apple
  • Operating Systems
  • Hardware
  • Programming
  • Networking
  • Software
Internet
  • Search Engines
  • File Sharing
  • WebTrends / Stats
  • Spy / Ad Blockers
  • Web Browsers
  • New Net Users
  • Web Development
  • Chat / IM
  • Anti Spam
  • Web Servers
  • Anti-Virus
  • Email Clients
Gamers
  • Tips
  • Online / MMORPG
  • Puzzle
  • Emulators
  • Action / Adventure
  • Role Playing
  • Consoles
  • Game Programming
  • Strategy
  • Sports
  • Misc
  • Computer Games
Digital Living
  • Hardware
  • New Net Users
  • New Users
  • Software
  • Digital Music
  • Gaming World
  • Home Security
  • Apple
  • Networking Hardware
Virus & Spyware
  • Vulnerabilities
  • IDS
  • Encryption
  • Anti-Virus
  • Operating Systems Security
  • Software Firewalls
  • WebApplications
  • Cell Phones
  • Operating Systems
  • Internet
  • Hardware Firewalls
Hardware
  • Handhelds / PDAs
  • Displays / Monitors
  • Components
  • Networking Hardware
  • Peripherals
  • Laptops/Notebooks
  • Storage
  • Servers
  • Desktops
  • New Users
  • Misc
  • Apple
Software
  • System Utilities
  • Industry Specific
  • Network Management
  • Photos / Graphics
  • Page Layout
  • VMWare
  • Misc
  • Web Development
  • OS
  • CYGWIN
  • Voice Recognition
  • Message Queue
  • Quality Assurance
  • Security
  • Firewalls
  • MultiMedia Applications
  • Development
  • Database
  • Office / Productivity
  • Business Management
  • OS/2 Apps
  • Server Software
  • Internet / Email
ITPro
  • OS
  • Storage
  • Encryption
  • Operating Systems Security
  • Apple Hardware
  • Laptops & Notebooks
  • Servers
  • Networking Hardware
  • Peripherals
  • Devices
  • Displays / Monitors
  • WebTrends / Stats
  • Search Engines
  • Firewalls
  • WebApplications
  • IDS
  • Vulnerabilities
  • Email Clients
  • File Sharing
  • Spy / Ad Blockers
  • Web Browsers
  • Web Servers
  • Networking
  • Anti-Virus
  • Chat / IM
  • Anti Spam
Developer
  • Web Servers
  • Web Browsers
  • Game Programming
  • Dev Tools
  • Industry Specific
  • Office / Productivity
  • Database
  • CYGWIN
  • Web Development
  • Search Engines
  • File Sharing
  • WebTrends / Stats
  • Programming
  • Content Management
  • Application Servers
  • Protocols
Storage
  • Removable Backup Media
  • Storage Technology
  • Servers
  • Grid
  • Remote Access
  • Backup / Restore
  • Misc
  • Hard Drives
OS
  • Miscellaneous
  • Security
  • Development
  • Linux
  • VMWare
  • MainFrame OS
  • Unix
  • Apple
  • OS / 2
  • AS / 400
  • BeOS
  • Microsoft
  • VMS / OpenVMS
Database
  • Oracle
  • Miscellaneous
  • MySQL
  • Software
  • Sybase
  • Contact Management
  • PostgreSQL
  • Data Manipulation
  • Clarion
  • InterSystems Cache
  • Siebel
  • MUMPS
  • OLAP
  • SQLBase
  • SAS
  • GIS & GPS
  • 4GL
  • Berkeley DB
  • DB2
  • Informix
  • Interbase / Firebird
  • FoxPro
  • Reporting
  • LDAP
  • Filemaker Pro
  • MS SQL Server
  • dBase
  • MS Access
Security
  • Misc
  • Web Browsers
  • Software Firewalls
  • Operating Systems Security
  • File Sharing
  • Spy / Ad Blockers
  • Vulnerabilities
  • WebApplications
  • IDS
  • Anti-Virus
  • Encryption
  • Anti Spam
  • Email Clients
  • VPN
  • Chat / IM
Programming
  • Editors IDEs
  • Installation
  • Handhelds / PDAs
  • Multimedia Programming
  • System / Kernel
  • Algorithms
  • Game
  • Signal Processing
  • Project Management
  • Open Source
  • Database
  • Misc
  • Languages
  • Processor Platforms
  • Theory
Web Development
  • Scripting
  • Blogs
  • Web Servers
  • Software
  • Search Engines
  • Web Graphics
  • Images
  • Internet Marketing
  • Images and Photos
  • Components
  • Document Imaging
  • Web Languages/Standards
  • Illustration
  • WebApplications
  • Fonts
  • WebTrends / Stats
  • Authoring
  • Digital Camera Software
  • Miscellaneous
Networking
  • Protocols
  • Apple Networking
  • Network Management
  • Message Queue
  • Application Servers
  • Content Management
  • File Servers
  • Email Servers
  • Misc
  • Java Editors & IDEs
  • Wireless
  • Networking Hardware
  • Backup / Restore
  • System Utilities
  • ISPs & Hosting
  • Web Servers
  • Storage Technology
  • Removable Backup Media
  • Servers
  • Broadband
  • Grid
  • OS / 2
  • Novell Netware
  • Unix Networking
  • Windows Networking
  • Security
  • Telecommunications
  • Operating Systems
  • Linux Networking
Other
  • Community Advisor
  • Lounge
  • Community Support
  • New Net Users
  • Philosophy / Religion
  • Math / Science
  • Miscellaneous
  • URLs
  • Expert Lounge
  • Politics
  • Puzzles / Riddles
Community Support
  • Suggestions
  • New to EE
  • New Topics
  • Community Advisor
  • CleanUp
  • Announcements
  • General
  • Feedback
  • Input
  • EE Bugs
 
06.07.2006 at 02:31PM PDT, ID: 16856796
krais99:
Log onto the Citrix server as an administrator.  Go into Computer Management, Local Users and Groups, Groups and go into the Remote Desktop Users group.  Add the Domain Users group and close out.  If you wish to restrict who in the domain can log on, create a domain group called Citrix Users or something to that effect and add the personnel you wish to have access to Citrix to that group and add that group into Remote Desktop users.

Hope this helps,

Todd
 
06.07.2006 at 03:45PM PDT, ID: 16857412
bit_ter:
Sorry, I forgot to mention that I already did that, still doesn't work, thanks for your comment though.
 
06.07.2006 at 10:16PM PDT, ID: 16858784

Rank: Sage

mgcIT:
When you installed Terminal Services (through Add/Remove Programs > Add Windows Components) did you choose Remote Administration Mode, or Application Server Mode?

Should be Application Server Mode
 
06.08.2006 at 08:01AM PDT, ID: 16862010
bit_ter:
Installed as App Server Mode with per device licenses
 
06.08.2006 at 08:40AM PDT, ID: 16862404

Rank: Sage

mgcIT:
 
06.09.2006 at 08:30AM PDT, ID: 16871186
bit_ter:
I had looked at these articles before,
Link 1. There is no "Citrix Settings" tab in the dialog, the article refers to Win 2003 x64, we run 32 bit 2003. Therefore I thought it was only for 64 bit ver, should that tab be on ver we run?
Link 2. I have verified these settings too, I made reference to this in my original post.  However I had "access control" selected as "any connection" instead of "any connection that meets any of the following filters" because I don't know how to make a filter and I thought any connection would be less restrictive.
Link 3. We are not getting that event ID num in the events viewer, the only events are "can't create printer for session (not exact)", but I have started going through the troubleshooting procedures listed in the article just to see what we have (don't have high hopes it will help).

Thanks for your help, I always appreciate anything anyone wants to suggest!!
 
06.10.2006 at 02:36PM PDT, ID: 16878561

Rank: Master

gsgi:
Here are a couple of guesses:

To let non admins citrix or ts into a dc you have to set the log on locally group policy.
Make users at least power users on their own box (even as a test if it's against your better judgement, then we'll deal with that if it works later).

http://www.experts-exchange.com/Operating_Systems/Win2000/Q_20256896.html?query=logon+locally&clearTAFilter=true
http://www.experts-exchange.com/Operating_Systems/Win2000/Q_20971422.html?query=logon+locally+ts&clearTAFilter=true


-gsgi
 
06.14.2006 at 09:09AM PDT, ID: 16903988
bit_ter:
I appreciate your help; the box is not a DC, just a member server.  I tried the suggestions in the links, but it didn’t help.  I can TS in with admin privileges, I can also launch a “server” session as admin (TS?), from Citrix Program Neighborhood, but if I try to launch a “published application”, even as admin; it gives the old “allow log on through TS” error.  

Could someone tell me why the “Citrix Program Neighborhood Agent” shows “not connected” on the task bar?  Do you think I need to uninstall reinstall Citrix client?  As I mentioned earlier, I loaded it on client box before the site-to-site VPN was working properly.  If I do, can you recommend a “best practice” install method for my situation?
 
06.16.2006 at 08:11AM PDT, ID: 16920915
bjlillo:
Does it make a difference if you connect to the application through a Custom ICA Connection vs. finding the application set and running it from there? I had the exact same behavior you described this morning and can connect through the Application Set, but not through a Custom ICA Connection.
 
06.16.2006 at 01:04PM PDT, ID: 16923263
bit_ter:
I don't know, how do I connect using the "finding application set and running it from there"?  I'm lost could you give me a procedure to follow?


Thanks!
 
06.16.2006 at 01:44PM PDT, ID: 16923552
bjlillo:
1) Publish the application to a specific AD group (I assume that's done.)
2) When logged in as a user in the group specified in #1, open Program Neighborhood and go to the Application Set Manager, Find New Application Set, and run through the wizard to connect to your particular farm.
3) Run the application from the icon that is found in the newly created Application set.

This worked for me. The procedure I was doing prior to that was creating a custom ICA connection and attempting to connect to the application that way.
Accepted Solution
 
09.25.2006 at 11:59AM PDT, ID: 17595137
Venabili:
This question has been classified as abandoned because there are no comments in the last 21 days. I will make a recommendation to the moderators on its resolution in approximately 4 days.  I would appreciate any comments by the experts that would help me in making a recommendation.

It is assumed that any participant not responding to this request is no longer interested in its final disposition.

If the asker does not know how to close the question, the options are here:
http://www.experts-exchange.com/help.jsp#hs5

Venabili
EE Cleanup Volunteer
 
10.02.2006 at 03:39PM PDT, ID: 17647726
Venabili:
I will leave the following recommendation for this question in the Cleanup topic area:
   Accept: bjlillo {http:#16923552}

Any objections should be posted here in the next 4 days. After that time, the question will be closed.

Venabili
EE Cleanup Volunteer
 
10.07.2006 at 03:05AM PDT, ID: 17682020
CetusMOD:
Forced accept.

CetusMOD
Community Support Moderator
 
 
20080236-EE-VQP-29