Remote Administration interactive logon privileges disabled

Posted on 2005-05-02
Last Modified: 2012-05-05
Windows 2003, fresh install, nothing running, I can do whatever I want with it.
Terminal server role not added
Application server role added (intended to be be an intranet server once I get this fixed)

I can log on to the system using remote desktop as the local admin (no other local users set up, so I didn't try that), but I cannot log on as a domain admin.  When I try, I get the message "Your interactive logon privilege has been disabled.  Please contact your system administrator."  

I have explicitly added the domain account to the Remote Desktop Users, and it is also a member of the local administrative group.   I have also allowed that account the "log on locally" right.

Any ideas?  Pulling my hair out here.
Question by:eatham111
    LVL 9

    Expert Comment

    Is you server joined to a domain?

    Author Comment

    Yes - it is joined to a Windows 2000 domain.
    LVL 15

    Expert Comment

    You also must have the allow logon to terminal server property on the user's AD account, on the terminal server tab

    Author Comment

    The role Terminal Server is not added - this is not a terminal server.  This is for remote administration.  On the remote tab, the user is added implicitly (because it is a domain admin, and the domain admins are local admins).
    LVL 15

    Accepted Solution

    It doesn't matter - Remote Desktop is Terminal Server just renamed to avoid confusion.

    The account MUST, MUST, MUST have "log in to terminal server" checked on the account's Terminal Services Profile tab in Active Directory.

    I just tested this with a real, live account and a real live server. If "log in to terminal server" = unchecked Domain Admins get "Your interactive logon priviledge has been disabled..."

    Featured Post

    What Should I Do With This Threat Intelligence?

    Are you wondering if you actually need threat intelligence? The answer is yes. We explain the basics for creating useful threat intelligence.

    Join & Write a Comment

    Preface Having the need * to contact many different companies with different infrastructures * do remote maintenance in their network required us to implement a more flexible routing solution. As RAS, PPTP, L2TP and VPN Client connections are no…
    Recently, I had the need to build a standalone system to run a point-of-sale system. I’m running this on a low-voltage Atom processor, so I wanted a light-weight operating system, but still needed Windows. I chose to use Microsoft Windows Server 200…
    It is a freely distributed piece of software for such tasks as photo retouching, image composition and image authoring. It works on many operating systems, in many languages.
    Here's a very brief overview of the methods PRTG Network Monitor ( offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…

    745 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    15 Experts available now in Live!

    Get 1:1 Help Now