[Webinar] Streamline your web hosting managementRegister Today

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 178
  • Last Modified:

Windows 2003 Domain Controller and Terminal Service Remote Client Login

I have setup a 2003 Server which was running Terminal Services, I setup Domain Controller recently and now when remote users attempt to login they recieve the error "The local policy of this system does not allow you to log on interactively"  I only have this problem with remote users, any administrative user can log on with out issues.  All users are allowed to log on locally in the ADUC, and I can't pinpoint where the difference is between the two groups aside from one being admin.  Can someone please help direct me to where I can find the difference in the groups as to why the remote users can not log on.
0
goffer
Asked:
goffer
  • 4
  • 2
  • 2
  • +1
1 Solution
 
jodypeetCommented:
The difference is that administrators are allowed to log on to servers and users aren't by default.
You could edit the default domain policy.
In the console tree, click Security Settings.
To edit an Audit Policy, a User Right Assignment, or Security Options, click Local Policies.
Double-click the User right assignment security setting in the details pane.
Modify the security setting, "log on locally" and then click OK.


good luck
0
 
oBdACommented:
The default domain policy won't help anything in this case; this only affects member servers and workstations.
You need to edit the default *domain* *controller* security policy (among the other management tools) and give the appropriate user group the right to log on locally.
0
 
jodypeetCommented:
sorry for the typo ...it is the default domain controller policy
0
Learn to develop an Android App

Want to increase your earning potential in 2018? Pad your resume with app building experience. Learn how with this hands-on course.

 
TASINetworkCommented:
You can also add the users to the Remote Desktop Users group.
0
 
gofferAuthor Commented:
Once again, please forgive my ignorance, but once I'm in the default domain controller policy and I click to edit it, how do I set the user group to log on locally.  There are options to change "Software Settings", "Windows settings", and "Administrative Templates" but I see no place to change any other settings.  Also they are already members of the Remote Desktop Users group.  I appreciate the advice.
0
 
TASINetworkCommented:
Computer Configuration, Windows Settings, Local Policies, User Rights Assignment
0
 
jodypeetCommented:
Computer configuration
Windows settings
Security settings
Local Policies
Double-click the User right assignment security setting in the details pane.
Modify the security setting, "log on locally" and then click OK.
0
 
gofferAuthor Commented:
Thank you very much, unfortunately I'm not versed at all in any server OS and my boss that usually handles all those type things resigned two weeks ago.  I greatly appreciate the help!!
0
 
jodypeetCommented:
No problem
Glad to help
0

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

  • 4
  • 2
  • 2
  • +1
Tackle projects and never again get stuck behind a technical roadblock.
Join Now