Solved

Can I enable RDP access for non administrator users?

Posted on 2006-07-17
11
848 Views
Last Modified: 2012-06-27
Hello Experts,

If its possible to allow non administrator users to remote into their workstations, what is the proper way to enable that on Small Business Server 2003?

I can already remote into the workstations, as long as I log in as Administrator, otherwise I get a message telling me remote access is not available.
0
Comment
Question by:OzoneFriendly
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 4
  • 2
  • +1
11 Comments
 
LVL 26

Expert Comment

by:Pber
ID: 17127195
On the workstations, just right click My Computer and select properties.
Select the Remote TAB
Check off the Allow users to connect remotely to this computer.
Click the Select Remote Users button
Add users as you see fit.

The User should now be able to RDP into the workstation.
0
 

Expert Comment

by:Terr0r
ID: 17127410
You can do this via the workstations as Pber mentioned. The next question is do your workstations have external IP addresses? If not, do you have an external IP block to allow the neccesary connections from your users connecting to their workstations. If not, you will need to set RDP for each user to forward to their private IP via different ports.

How to change the port:

http://support.microsoft.com/?kbid=187623

and connect to the computer using a different port using windows xp:

http://support.microsoft.com/?kbid=304304
0
 

Author Comment

by:OzoneFriendly
ID: 17127698
Hello again;

I can already remote into the machines, the problem is that the users are domain users and not domain admins, and non administrator users cannot log in remotely.

What I need is to allow non domain users to access their workstaions via RDP.
0
U.S. Department of Agriculture and Acronis Access

With the new era of mobile computing, smartphones and tablets, wireless communications and cloud services, the USDA sought to take advantage of a mobilized workforce and the blurring lines between personal and corporate computing resources.

 
LVL 9

Expert Comment

by:vmaheen
ID: 17127904
hi friend,
 *you can configure it through Group policy
* or you can add users to "remote desktop user"  group

run   gpedit.msc

computer configuration
       > Windows setting
                     > user rights and assignment
                                          >allow logon through terminal service ..  > and   add the users list


regards
Maheen
0
 
LVL 9

Accepted Solution

by:
vmaheen earned 500 total points
ID: 17127922
sorry some lines missing ..

run
gpedit.msc

computer configuration
       > Windows setting
                       >security settings
                                     > local polices
                                            > user rights and assignment
                                                           >allow logon through terminal service ..  > and   add the users list


0
 

Expert Comment

by:Terr0r
ID: 17131577
vmaheen is correct. Sorry, was confused on the question. Hope all works well for you.
0
 

Author Comment

by:OzoneFriendly
ID: 17134393
Hello again experts,

I added the users to REMOTE DESKTOP USERS, but I still get this error;

The local policy of this system does not permit you to logon interactively.

Do I have to change local policy? Can I do that from the server or do I have to do it on the local workstation?
0
 

Author Comment

by:OzoneFriendly
ID: 17134400
... or perhaps I just need to try the group policy vmaheen has suggested. I'll go try that now.
0
 
LVL 9

Expert Comment

by:vmaheen
ID: 17135586
Hi Ozone   , hi Terr0r :)

domain group always override local policy. if you not configure through domain group policy then local polices will work.  as your request you can decide . controling  all workstation  then Domain  GPO is best.   to workstaion  level then Local GPO.

** and Blank password will not allow login  through RDP.
     check the GPO there is "deny lonon throgh terminal service".

here is the nice article
http://www.windowsdevcenter.com/pub/a/windows/2004/10/05/Remote_Desktop.html

Maheen
0
 

Author Comment

by:OzoneFriendly
ID: 17144680
Thanks experts, its all good now!
0
 
LVL 9

Expert Comment

by:vmaheen
ID: 17144781

thanks for points OzoneFriendly

Maheen
0

Featured Post

Best Practices: Disaster Recovery Testing

Besides backup, any IT division should have a disaster recovery plan. You will find a few tips below relating to the development of such a plan and to what issues one should pay special attention in the course of backup planning.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Setting up a Microsoft WSUS update system is free relatively speaking if you have hard disk space and processor capacity.   However, WSUS can be a blessing and a curse. For example, there is nothing worse than approving updates and they just haveā€¦
A quick step-by-step overview of installing and configuring Carbonite Server Backup.
This video shows how to use Hyena, from SystemTools Software, to update 100 user accounts from an external text file. View in 1080p for best video quality.

737 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question