Terminal Services is Jacked UP!!!

Greetings:

I want to allow simple remote administration of our 2003 Server that is acting as a DC.  I only want to grant myself access to this as administrator.  I have had myriad problems; here is my story:

After installing 2003 Server and AD, I was able to connect via terminal services just fine.  One day I had a friend connect from outside of our network to test my ability to remotely troubleshoot the machines while I was traveling.  I simply gave him my username and password and allowed him to test using that (i was unsuccessful in granting him access using a different user account).  Ever since then, when I tried to connect via RDP, I got the "there are no terminal servers licensing, blah blah blah) error.  So I went into the Terminal Services configuration and changed to Per User licensing.  This allowed me to connect via TS to at least get the authentication dialog box.  When I tried to log on as administrator, I got the "Local Policy does not allow you to logon interactively error).  So I went into the GP for the domain and changed the "Allow Logon Locally" to allow the accounts that I desired to log on locally.  Now when I try to connect I get the "You do not have access to this session" error.  ***Note all errors messages are as I can remember them and not 100% exact, but I think I have conveyed the gist of the message.

I'm stumped.  This shouldn't be a tough thing to do.
knottydrdAsked:
Who is Participating?
 
dis1931Connect With a Mentor Commented:
You do not need to have terminal services installed.  Just un-install terminal services and use the remote desktop support which is built into the 2003 server.  Terminal Services requires licensing and needs configuring and is exactly the same thing as remote desktop the only difference is that remote desktop limits to only two concurrent users and is only supposed to be used for remote administration on 2003 server while terminal services is meant for application/numerous people working from the environment hence needing licensing etc...after 30 days i believe it may be longer terminal services will stop working unless you setup a terminal services licensing server.

Dis
0
 
dis1931Commented:
"Local Policy does not allow you to logon interactively error", this error will come up if you are not an admin on this server.  This is standard security for an AD controller.  You can change this however by changing the security policies on the server.

Dis
0
 
WeHeCommented:
i agree in all what dis931 sayed.
just one point differs: in windows 2003 the TS grace period is 120 days.
0
Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

 
dis1931Commented:
thanks for the correction WeHe, I thought I remember it changing for 2003 but didn't remember...thanks

0
 
WeHeCommented:
you are right, it has changed.
on w2k its 90 days, on w2k3 its 120 days :)
0
 
knottydrdAuthor Commented:
I was going to uninstall TS but I got a warning that any application installed after TS will be unusable.  I don't believe that I have installed any applications since the server was set up but I 'm wondering does this mean that those apps will be disabled?
0
 
JamesDSConnect With a Mentor Commented:
knottydrd
You are fine to uninstall terminal services, you will not lose access to anything on the server - provided you address the local policy issue.

To enable remote administration, you need to go to the control panel/system applet and on the remote tab click allow in the relevant box. TS in remote admin mode only allows administrators to connect to it.

Cheers

JamesDS
0
 
knottydrdAuthor Commented:
The "Allow Terminal Services Logon" for the user was unchecked in the AD.
0
All Courses

From novice to tech pro — start learning today.