We help IT Professionals succeed at work.

Enabling logon through Terminal Services on a physically remote machine

psk1 asked
Last Modified: 2010-04-18
I have some servers in colocation -- hence their consoles are not accessible to me right now.  I have a few of them set up to receive TS connections.

Apparently, I didn't set one of them up right, because when attempting to remote to that machine, I get the classic message "To log on to this remote computer, you must be granted the Allow log on through Terminal Services right.  By default, members of the Remote Desktop Users group have this right.  If you are not a member of the Remote Desktop Users group or another group that has this right, or if the Remote Desktop User group does not have this right, you must be granted this right manually."

Now, I'm presently trying to connect using the Domain Admin account, which is a member of the Remote Desktop Users group and which has been granted the Allow log on through Terminal Services right in GP on the DC.  The server in question is a member of the domain and I really (obviously) didn't expect to have this issue remotely before I left the datacenter.

Do I need to do something locally on the specific server that I'm trying to connect to?  Is there some way for me to achieve this remotely, or via the DC, given that direct console access to the server is a couple thousand miles away right now?
Watch Question

You would need to set the permissions in the Local Security Settings on the individual servers to allow domain users to connect.  

Try logging into the target member server using the local computer name as the domain name, not the Domain name.  This should give you access to the native admin account.  Only the domain controller will force the DOmain name only in this field.  
Then change the Local Security Settings  (Start -> Programs -> Administrative Tools -> Local Security Policy).  
Add Domain Admins from the Domain or Remote Desktop Users from the DC to the  Local Policies -> User Rights -> Allow log on through Terminal .....



I have tried that (and just tried again to be sure) and cannot log in via terminal services as the local Administrator.  I get the same error message as quoted above.

I think I've made a mistake in leaving the server in an unreachable state.  Looking for confirmation, or alternatives, before moving to more drastic measures.
This one is on us!
(Get your first solution completely free - no credit card required)


I solved my problem by using IP/KVM.  Thanks TSguru.
Unlock the solution to this question.
Join our community and discover your potential

Experts Exchange is the only place where you can interact directly with leading experts in the technology field. Become a member today and access the collective knowledge of thousands of technology experts.

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.


Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.