We help IT Professionals succeed at work.

We've partnered with Certified Experts, Carl Webster and Richard Faulkner, to bring you a podcast all about Citrix Workspace, moving to the cloud, and analytics & intelligence. Episode 2 coming soon!Listen Now


Terminal Server 2003 access

wwwedward asked
Medium Priority
Last Modified: 2010-04-18
I have a 2003 terminal server operating smoothly, the server now denies login permission to admin or users,  the message indicates one must be a member of the remote desktop users group to login...  I have checked all of these settings they appear correct.. still get the same message?

Watch Question

So, you're saying that you've checked the membership of the Remote Desktop Users group on the server and it contains the appropriate domain user and/or groups?

You might also need to adjust the "Log on Locally" right.   From the Security Policy MMC snap-in (secpol.msc), navigate to Security Settings, Local Policies, User Rights Assignments.  Then add the users/groups to the "Log on Locally" field

Not the solution you were looking for? Getting a personalized solution is easy.

Ask the Experts
Do you have Terminal Services running on this server?  or Citrix?

If terminal services is loaded, you need to go to a different area:

Start --> Administrative Tools --> Terminal Services Configuration

Highlight the connectections folder...  On the right hand pane, double click RDP-TCP...
Click the PERMISSIONS TAB...  Verify that Administators have FULL CONTROL.

Click OK...to save...

Also make sure that your TS server is using the proper licensing mode:  

Highlight the Server Settings folder.  On the right hand pane, click Licenseing and make sure your are using the same licenseing as your licenese server.  for example, both should be set to PER USER.  or both should be set to per device.  (Usually PER USER is best because MS doens't track these types of licenses).

Also, note that you can also try conencting to the server by using this command from a remote machine:

mstsc.exe /v: servername /console

The console switch will make it so you are logged in using a console connection as opposed to a TS session.

Actually that brings up a good point.... are you talking about Terminal Services or Remote Desktop?   In the pre-Windows Server 2003 days they were one and the same... but not anymore.


Windows 2003 terminal server in applicatiuon mode.  The rdp protocol is what we are using to connect..  I will check the above first thing in the a.m.  log on locally might be the only thing I have not checked...   I know our liscence server is still running on windows 2000 server service pack 4...Strange I do not know waht changed but something...

Thanks for your time thus far
There are now two options in the local security policy: Log on locally ang log on through terminal services, you only need the later enabled for TS users.


security settings look intact


Thanks for the help.  I had missed an event log message. The issue was with the liscence server..

Access more of Experts Exchange with a free account
Thanks for using Experts Exchange.

Create a free account to continue.

Limited access with a free account allows you to:

  • View three pieces of content (articles, solutions, posts, and videos)
  • Ask the experts questions (counted toward content limit)
  • Customize your dashboard and profile

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.


Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.