Solved

Locked out of RDP, again!

Posted on 2006-10-23
7
523 Views
Last Modified: 2008-01-09
Hello, I’ve lost the ability to connect to my Windows Server 2003R2 administrative terminal server, with any domain admin account.

I get this message when I login in with any of my credentials:

To log on to this remote computer, you must have Terminal Server User access permissions on this computer.  By default, members of the Remote Desktop Users group have these permissions. If you are not a member to the Remote Desktop Users group or another group that has these permissions, or it the Remote Desktop User group does not have these permissions, you must be granted these permissions manually.


There is no RDP group, because this is a mixed domain I manually added the domain administrators thru the Terminal Services Configuration.

I checked the default domain controllers GPO and all the administrator groups are in the login rights, it is the only GPO that applies.

I've rebooted twice already.

I had this problem before and it went away, and it was working as far back as last week.  Is there something in the registry I can check, or should I just format this troublesome factory preloaded software, and put Windows 2003 back on myself?

Thanks- Corey
0
Comment
Question by:royaltech
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
7 Comments
 
LVL 5

Expert Comment

by:usacadena
ID: 17793343
try start -> run -> type "mstsc /console" -> lhit ok
log on locally


the group is found when you right click on my computer -> properties- > Remote tab- > Select remote users
make sure allow users to connect is checked off



0
 

Author Comment

by:royaltech
ID: 17844058
Thanks, the mstsc /console part works, but this is a domain controler, there are no remote users, just AD members.
0
 
LVL 5

Expert Comment

by:usacadena
ID: 17844699
in the built-in container there is a group "Remote Desktop Users" which "Members in this group are granted the right to logon remotely" Adding a user to this group will enable them to have remote access only.

Ray
0
 

Author Comment

by:royaltech
ID: 17844758
These are the only members of that group:

Name      Type      Description      
Account Operators      Security Group - Domain Local      Members can administer domain user and group accounts      
Administrators      Security Group - Domain Local      Administrators have complete and unrestricted access to the computer/domain      
Backup Operators      Security Group - Domain Local      Backup Operators can override security restrictions for the sole purpose of backing up or restoring files      
Guests      Security Group - Domain Local      Guests have the same access as members of the Users group by default, except for the Guest account which is further restricted      
Pre-Windows 2000 Compatible Access      Security Group - Domain Local      A backward compatibility group which allows read access on all users and groups in the domain      
Print Operators      Security Group - Domain Local      Members can administer domain printers      
Replicator      Security Group - Domain Local      Supports file replication in a domain      
Server Operators      Security Group - Domain Local      Members can administer domain servers      
Users      Security Group - Domain Local      Users are prevented from making accidental or intentional system-wide changes.  Thus, Users can run certified applications, but not most legacy applications      
0
 
LVL 5

Accepted Solution

by:
usacadena earned 250 total points
ID: 17847820
reference to restore ad groups => http://support.microsoft.com/kb/840001
0

Featured Post

Salesforce Has Never Been Easier

Improve and reinforce salesforce training & adoption using WalkMe's digital adoption platform. Start saving on costly employee training by creating fast intuitive Walk-Thrus for Salesforce. Claim your Free Account Now

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Learn about cloud computing and its benefits for small business owners.
This article provides a convenient collection of links to Microsoft provided Security Patches for operating systems that have reached their End of Life support cycle. Included operating systems covered by this article are Windows XP,  Windows Server…
In this video, viewers are given an introduction to using the Windows 10 Snipping Tool, how to quickly locate it when it's needed and also how make it always available with a single click of a mouse button, by pinning it to the Desktop Task Bar. Int…
This is my first video review of Microsoft Bookings, I will be doing a part two with a bit more information, but wanted to get this out to you folks.

624 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question