RDP to AD

Hi . . . please help.
We are setting up an RDP system as follows, SBS 2003 Server and a MS Windows 2003 R2 Terminal (TS) Server.  We have setup two users in AD on the SBS, also same two users as local on the TS Server for testing.
We can successfully log on as Administrator using RDP to the Domain, and both Servers locally.  We can log on locally to both Servers as the test users BUT NOT to the Domain.  Even if we do not use the TS Server and use the SBS IP address to logon to the Domain as a User it fails/errors.  The message is Windows cannot log you on because your profile cannot be loaded.  Check you are connected to the network . . . . 
I believe the problem is in AD somewhere!

MalcolmNZAsked:
Who is Participating?
 
MalcolmNZConnect With a Mentor Author Commented:
I contacted local Microsoft, which turned out to be in Australia.  Problem was a combination of items, the main one appeared to be the licencing.  Also found out along the way you should not be able to log on as a standard user.  Thanks to all who replied.
 
0
 
JohnGerhardtConnect With a Mentor Commented:
There is a tab under the user that controls a seperate profile for logging onto terminal servers.. Could this be set to something incorrect...?
0
 
exx1976Connect With a Mentor Commented:
Did you change the TS to operate in Application Server mode instead of Remote Administration mode?  By default, only administrators can login to a server.  Regular users cannot login until it is switched to Application Server mode.

0
Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

 
Darius GhassemConnect With a Mentor Commented:
Go to the Local Security Policy in the TS Administrative tools then local polices -> User Right Assignments find Log on Locally and add the users to this.
0
 
DenverRickConnect With a Mentor Commented:
In the Terminal Server Configuration you will find in Connections 'RDP-Tcp'.  Right Click and go to Properties, on the Permissions Tab you will need to have the users either listed or in a group you use or create.  this is required regardless of Application Mode or not.

Generally speaking you usually just set Permissions to Guest Access, however, some Applications could dictate User Access or rarely Full Control.
0
 
Darius GhassemCommented:
Sorry also go to Administrative tools then local polices -> User Right Assignments
->Allow Log On Through Terminal Server
0
 
MalcolmNZAuthor Commented:
dariusg:  Just having a problem locating the "TS Administrative tools ".  Are we talking about the SBS Server ?

regards
Malcolm
0
 
Darius GhassemCommented:
Sorry didn't mean to list that one. Try the below

Sorry also go to Administrative tools then local polices -> User Right Assignments
->Allow Log On Through Terminal Server
0
 
MalcolmNZAuthor Commented:
Hi dariusq, This is an SBS 2003 system, if you select Start, then Administrative Tools, there is no listed local polices.  Please advise.
0
 
MalcolmNZAuthor Commented:
Sorry . . . . that should read Start, then Programs, the Administrative Tools.
0
 
exx1976Commented:
Wait a minute, I just noticed something else..  You said that you can log on locally with both users on both servers??!?!?   Domain controllers don't have local accounts, only domain accounts..   What exactly are you doing?
0
 
MalcolmNZAuthor Commented:
Yes, at one point I could select the SBS Server name in the login to box instead of the domain name.  Due to your remark, I just tried it now, but was not able to.  So it appears something was not correct before.  

I currently have the position of being able to login with RDP as Administrator but NOT one of the two users.  Thanks for pointing out what the situation should be.
0
 
Darius GhassemCommented:
Go into the default domain controller policy in AD and you will find the local policy under here. Also, go into Terminal Server Configuration then right-click RDP-TCP then go to properties then Security and add the users here or just add them to the Remote Desktop group
0
 
MalcolmNZAuthor Commented:
Hi
Not sure why this Alert box has appeared.  I wish to close the question.
Malcolm
0
 
MalcolmNZAuthor Commented:
Hi
Just altered the points to the total allocated !
Malcolm
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.