Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Terminal Services clients permissions

Posted on 2004-10-28
9
Medium Priority
?
265 Views
Last Modified: 2010-04-19
Okay, I have terminal services running on a W2k3 member server on my network.  I finally got the clients to connect okay, but I had to put their group they belong to in the local administrators group to get it to work.  When the clients logon to the TS session, they get the "configure your server" window, which tells me they have way too high of permissions.  I cannot get it to work any other way though.  I just want the TS clients to be able to run an application on the W2k3 member server through terminal services without giving them administrator privileges.  Is this possible?  And if so, can you give me a hint or two?

Thanks,
Cheese
0
Comment
Question by:cheesebugah
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 4
9 Comments
 
LVL 9

Accepted Solution

by:
SamuraiCrow earned 2000 total points
ID: 12439157
Take them out of the administrators group and put them into the remote desktop users group on the Terminal Server.  This is a change from 2000 terminal services.  
0
 
LVL 9

Expert Comment

by:SamuraiCrow
ID: 12439164
The administrators group is automatically a member of the remote desktop users group which is why they can connect by default.
0
 

Author Comment

by:cheesebugah
ID: 12439218
I had initially put them into the remote desktop user group to no avail?
0
Free learning courses: Active Directory Deep Dive

Get a firm grasp on your IT environment when you learn Active Directory best practices with Veeam! Watch all, or choose any amount, of this three-part webinar series to improve your skills. From the basics to virtualization and backup, we got you covered.

 
LVL 9

Expert Comment

by:SamuraiCrow
ID: 12439233
Interesting.  Do you have a licensing server set up?  I'm running three 2003 TS devices and the remote desktop users group is definately where non administrative users need to be placed for connectivity.  What is the particular error that comes up when they try to log in without being in the admin group?
0
 

Author Comment

by:cheesebugah
ID: 12439269
The W2k3 Server is the only W2k3 device on my network, so it is the license server also.  My network is W2k otherwise.  It has been a couple of weeks since I have done this, so I think the message was something like, Access denied, you do not have privileges to access this server.  It was something like that.  It was not the denial of local logon, it was something referencing permissions or privileges.  
0
 
LVL 9

Expert Comment

by:SamuraiCrow
ID: 12439380
I've done a little testing and the default message of a user that can't log into the server is "The local policy of this system does not allow you to log on interactively".  At this point I would suggest the following:

1 Create a dummy account with no priveleges on the server and try to log in.  Document the results in this forum

2 Add the dummy account to the remote desktop users group and see if you get a different error message.  Again please post the results here

This will give us a clear picture of where the breakdown is occuring.
0
 

Author Comment

by:cheesebugah
ID: 12725724
I'm sorry I haven't had time recently to get back to this topic.  I will submit a comment soon, when I have the time to fiddle with this some more.  I greatly appreciate your patience.

Cheese
0
 

Author Comment

by:cheesebugah
ID: 12879167
I'm back!  I guess I'll restart with;  If I put the users into the remote desktop users group, when they log on to the TS, do they log on locally or to the domain?
0
 

Author Comment

by:cheesebugah
ID: 12879190
I have also had some issues with my Citrix server as of late in regards to licensing.  It appears to me that the licensing server has to be a DC.  The TS server of issue here is not a DC.  So, do I have to place the TS licenses on a DC and point the TS server to the license server?
0

Featured Post

Tech or Treat! - Giveaway

Submit an article about your scariest tech experience—and the solution—and you’ll be automatically entered to win one of 4 fantastic tech gadgets.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Scenerio: You have a server running Server 2003 and have applied a retail pack of Terminal Server Licenses.  You want to change servers or your server has crashed and you need to reapply the Terminal Server Licenses. When you enter the 16-digit lic…
Setting up a Microsoft WSUS update system is free relatively speaking if you have hard disk space and processor capacity.   However, WSUS can be a blessing and a curse. For example, there is nothing worse than approving updates and they just have…
Visualize your data even better in Access queries. Given a date and a value, this lesson shows how to compare that value with the previous value, calculate the difference, and display a circle if the value is the same, an up triangle if it increased…
We’ve all felt that sense of false security before—locking down external access to a database or component and feeling like we’ve done all we need to do to secure company data. But that feeling is fleeting. Attacks these days can happen in many w…

610 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question