user access with remote desktop

Posted on 2004-08-16
Medium Priority
Last Modified: 2010-04-14
I have seen this question all over the place.. but not in detail in what i am trying to .. I am running server 2000 with AD.. and about 25 mixed XP Pro and 2000 boxes.. I am needing to setup a couple domain users so they can use Remote desktop.. but i dont want to give them Domain Admin Priv to them.. I know i can setup Locial Policy at each pc or server they are needing to login, but some of them remote into several Computers.. is there away to add them to a policy like server 2003.. As Remote Desktop users..
Question by:cblank1234
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2

Expert Comment

ID: 11820401
There is not a permissions or group policy issue here. If Remote Desktop, or a client is on the machine, the user can open it and connect to any machine which is running Terminal Services, either in Support Mode or Full Mode. Once the connection is established they log into the machine as if they were at the machine itself. If the users AD account has access to the machine then they can log in. Let me know if this helps.


Author Comment

ID: 11824539
The users are part of the Domain user policy.. if they try to connect to another workstation or if i try to connect to there workstation as them i get the error "The local policy of this system does no permit you to logon interactively".. I know how to fix it at a signal pc.. i have to login as an admin.. and tell that pc to allow remote Connections. from certian domain users. if i set them up as an admin or as a domain admin i am fine.. But dont want to do that. what this is for is so if a client is having a problem with certain software i can login as them and see there desktop and work on the software under there profil.. with out running all over the building or driveing accross town to the our remote locations.. and certain ones can login into the fax server and pull thangs from there. Thanks.

Accepted Solution

jdeclue earned 500 total points
ID: 11829506
I am very confused. Windows XP Professional and Server 2000 and 2003 can accept remote connections. The configuration of permissions and access is different between the Server versions and wht Windows XP. If you download the Windows Server 2003 Administrative tools then you can set Group Policy to control all of this including enabling and setting permissions on who can access the Windows XP Pro boxes. The Windows 2003 Administrative Tools work beautifully in a Windows 2000 AD environment and even add functionality to it. 2000 Professional does not have any Terminal Service client, so they cannot be connected to.

Is the intent here to allow a certain group of people to connect to Windows XP Professional workstations, from any Windows 2000 or XP machine? If that is the case then using the Windows 2003 admin tools in a Windows 2000 environment will give you the Windows XP Professional group policy control, allowing you to control the additional XP components that you cannot control today.


Author Comment

ID: 11834026
That worked.. i just need to setup a XP Pro running the Admin Pak.. I installed that software the other day but did not thank that it would work in a server 2000 INV.. I thouhgt it was only for sever 2003.. Thanks For your Help..

Expert Comment

ID: 11834139
No problem... that was easier than I thought it was going to be. Cool! ;)


Featured Post

Optimize your web performance

What's in the eBook?
- Full list of reasons for poor performance
- Ultimate measures to speed things up
- Primary web monitoring types
- KPIs you should be monitoring in order to increase your ROI

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
The top devops trends for 2017 are focused on improved deployment frequency, decreased lead time for change and decreased MTTR.
Add bar graphs to Access queries using Unicode block characters. Graphs appear on every record in the color you want. Give life to numbers. Hopes this gives you ideas on visualizing your data in new ways ~ Create a calculated field in a query: …
In this video you will find out how to export Office 365 mailboxes using the built in eDiscovery tool. Bear in mind that although this method might be useful in some cases, using PST files as Office 365 backup is troublesome in a long run (more on t…
Suggested Courses
Course of the Month10 days, 2 hours left to enroll

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question