I have setup 4 new Windows 2003R2 servers; ADMIN1PRI, ADMIN2PSI, ADMIN3MAIL and ADMIN4TS. ADMIN1PRI is the primary server with the primary domain controller, print services, etc. ADMIN2PSI runs a key application and is setup as a backup domain controller. ADMIN3MAIL is a member of the domain and runs the mail system. ADMIN4TS is a member of the domain and has Terminal Services activated. When trying to login to the Terminal Server as a user who is a member of the Remote Desktop Users Group I get the following message:
"To log on to this remote computer, you must be granted the Allow log on through Terminal Services right. By default, members of the Remote Desktop Users group have this right. If you are not a member of the Remote Desktop Users group or another group that has this right, or if the Remote Desktop Users group does not have this right, you must be granted the right manually."
I have checked every location I can think of regarding rights and the only way I can give these users the ability to login is to make them a Domain Administrator. Is there some change in R2 of Windows 2003 security that disables Terminal Services access by standard users? Any idea where I should look? Thanks!