2003 TS Rights

I have a w2k domain with a bunch of users in a group probably called users.  everyone uses citrix and everyone is a power user, not much security needed here.  Anyway, added some 2003 servers and installed ts and the license server etc and when we try to log on a user some message about manually adding them to the ts rights group comes up.

how do i put the users group for the domain in the ts rights group on the two 2003 servers?

thanks,
gsgi
LVL 13
gsgiAsked:
Who is Participating?
 
MSE-dwellsCommented:
When you hit add, you should enter 'Domain Users' and then click 'Check names', it should then underline the group for you indicating it was found (and resolved) -- please repeat this and let me know what occurred.

In addition, who are you logged on the Windows 2003 box as?  It should be a domain account (an admin is likely your only option at this stage).

Lastly, what's the error you're receiving?  The same?
0
 
MSE-dwellsCommented:
The group it's likely referring to is called "Remote Desktop Users", add the users there.
0
 
weareitCommented:
Did you make either of the 2003 server domain servers?  If not then the group above does not exist.  Instead you will need to either Create a TS Group or take an existing group (Power Users for example) and add the group into the local group policy of each server:

Start --> Administrator Tools --> Local Security Policy
Expand Local Policies --> User Rights Assignment
Locate and modify the policy named - Allow login through Terminal Services

-saige-
0
Cloud Class® Course: Python 3 Fundamentals

This course will teach participants about installing and configuring Python, syntax, importing, statements, types, strings, booleans, files, lists, tuples, comprehensions, functions, and classes.

 
MSE-dwellsCommented:
weareit: that's incorrect -- the group does indeed exist; it's a local group editable via Local User and Computers and is assigned the right you mentioned by default.
0
 
gsgiAuthor Commented:
I did join both 2003 servers to the w2000 domain.

so do i add all of the users individually to Remote Desktop Users or just somehow add the domain level group called "users" to it?

thanks,
gsgi
0
 
MSE-dwellsCommented:
I'd suggest you add the Domain Users group to the local Remote Desktop Users ... or you can push out a policy that equates to the same end-result.
0
 
weareitCommented:
My apologies, dwells...  I was under the impression that Remote Desktop Users was a group new to Active Directory with Server 2003.  I was not aware that it was a new default local group.

gsgi, my question should have read did you make either one of the 2003 server domain controllers?

-saige-
0
 
gsgiAuthor Commented:
yeah when i click on the rdu group on the 2003 server i do not see any users or groups from the 2000 domain
0
 
MSE-dwellsCommented:
... add the Domain Users group and try the logon again.
0
 
gsgiAuthor Commented:
ok, i typed it in and it took it.  don't know why hitting add doesn't show you them in the list.  but it does not work.  i added the user name DOMAIN/user to the group too, and it still does not work.
0
 
gsgiAuthor Commented:
ok, i can log on from remote desktop, the error is coming when i try to connect with citrix client.  weird
0
 
gsgiAuthor Commented:
yes it is underlining the names - i think adding them worked, as rdp connects.
on the 2003 box I am admin making changes to the users groups, but via the citrix and rdp sessions I am connecting as a user.

yes the same message.
0
 
gsgiAuthor Commented:
in my citrix client i have it set to start a program.  if i remove that, it works.
0
 
MSE-dwellsCommented:
My experience with Citrix is limited, is Metaframe actually installed on this 2003 machine or are you just trying to use their client?
0
 
MSE-dwellsCommented:
Ah, just read your last response ... understood.  What's the program?
0
 
gsgiAuthor Commented:
metaframe is on the 2003 server.  i am connecting from an xp machine.

if i tell rdp to start the app, and set the logon of that user, it still does not work.

so i think we can eliminate citrix and just troubleshoot rdp not being able to start the app.

same error.

0
 
MSE-dwellsCommented:
Nod, got that ... see my previous response ....
0
 
gsgiAuthor Commented:
i set it to c:\windows\notepad.exe - which is correct on the 2003 server and I get the same error
0
 
MSE-dwellsCommented:
If you run TSCC.MSC and select Connections in the left pane, right click the RDP-TCP object in the right pane and select Properties.  Select the environment tab, what is the configured option?
0
 
gsgiAuthor Commented:
the middle one

run initial program ...
0
 
gsgiAuthor Commented:
i forced it to notepad and removed notepad from the rdp client.  got the same error.
0
 
MSE-dwellsCommented:
... then I'd have to say this is an artifact of the Citrix installation.  Perhaps there's a similar more configurable option in their admin. tools.

PS - was there anything other than RDP-TCP in the right pane?
0
 
gsgiAuthor Commented:
yes, the ICA protocol.

that's ok, you answered the original question.

i'll repost this question...  i searched google and found nothing.

-gsgi
0
 
gsgiAuthor Commented:
you were close with the tscc.msc thing

run  mfcfg which is the citrix version of tscc.msc.
double click on ica-tcp click advanced and uncheck "only run published applications"
double click on rdp-tcp click advanced and uncheck "only run published applications"

since you were close go post the answer and I'll give you the points.
http://www.experts-exchange.com/OS/Microsoft_Operating_Systems/Server/2003_Server/Q_22897716.html
0
 
MSE-dwellsCommented:
That's really not necessary, but thank you.  I'm glad I could help ... are you not able to retract the question and return your points?
0
 
gsgiAuthor Commented:
Well, i'd like it documented here in the faq.  so someone else has to post the answer.  -gsgi
0
 
MSE-dwellsCommented:
Fair enough, I'll paste my earlier response along with your addendum ...
0
 
gsgiAuthor Commented:
Thank you!
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.