Solved

Allow log on to Terminal Services right errors

Posted on 2008-10-22
8
368 Views
Last Modified: 2013-11-21
I am configuring a new bunch of new servers to replace our current ones. I have built one server with Windows Server 2003 Enterprise, and configured it to be my Domain, DHCP and DNS server. I also have several other servers that will be configured exactly alike that will run Windows Server 2003 Standard and are configured to be Terminal Servers (10 TS's in all).

I am currently doing testing with my DC Server and a master image TS server. The TS is in the Domain, and when I log in using RDP as administrator it works great. But when I attempt to login as a user I get the "to log onto this remote computer, you must have Allow log on to Terminal Services rights" error.

I have allowed Users and Authenticated Users to be able to login to Terminal Serverice via the Group Policy. I even allowed them to login locally using the Group Policy. When I attempt an RDP connection to the DC my user can log in successfully, but when I try to login to my TS I get the error.

I have researched the Experts Exchange knowledge base and tried multiple recommendations but none of them seem to work in my TS environment. Are there settings on the Terminal Server its self that I need to change, or is everything controlled at the Domain Controller level? Thanks in advance.
0
Comment
Question by:RWB_Support
  • 4
  • 4
8 Comments
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 22780592
Go to Run type GPEDIT.MSC then Windows Settings -> Security Settings -> Local Policies -> User Rights Assignment then look for Allow log ong through Terminal Server.
0
 

Author Comment

by:RWB_Support
ID: 22780659
When I look I see the groups, Authenticated Users, Users, and Remote Desktop users.
0
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 22780772
Go to Terminal Server Configuration then right-click the RDP-TCP then go to the permissions tab add the users or groups you want to RDP into the server.
0
 

Author Comment

by:RWB_Support
ID: 22780818
I found the solution.

Went onto the Terminal Server.
Opened Administrative Tools - Computer Management
Under Computer Management (Local), open System Tools, Local Users and Groups, click on Groups.
Enter Remote Desktop Users group properties.
Add Domain Users

Click OK until I got out and tested successfully
0
Backup Your Microsoft Windows Server®

Backup all your Microsoft Windows Server – on-premises, in remote locations, in private and hybrid clouds. Your entire Windows Server will be backed up in one easy step with patented, block-level disk imaging. We achieve RTOs (recovery time objectives) as low as 15 seconds.

 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 22780920
The Remote Desktop Group has all permissions to Terminal Server but if you want to add another group or just another user without using the Built-in Remote Desktop Group then you would need to add them like this:

 Terminal Server Configuration then right-click the RDP-TCP then go to the permissions tab add the users or groups you want to RDP into the server.

I thought you were asking how to add another group to Terminal Server into the Server.
0
 

Author Comment

by:RWB_Support
ID: 22797330
I was asking how to do that. My experience with Terminal Server farms is very limited, since I usually one deal with small clients with a single multi-funtion server IE , DC-DHCP-DNS-Termianl Server etc. So using my experience I did everything that I found was recommended by the Experts to resolve the issue, but no dice.

What I thought could happen was that I could make a single change at the DC level and all of the Terminal Servers would then allow the users in the AD to login. This wasn't the case, as I could login using a user via RDP to the DC but not the TS'. When I changed what sub-groups were a part of the main Remote Desktop User group (IE, Domain Users)that seemed to work. So it appears as though a one stop solution isn't available, and I'll have to make the said change to each of my TS' as they join the domain.

I'll try doing it your way though since it would be a more comfortable solution rather than messing with local groups. Thanks for the response, I'll close this question within the next couple of days when I have a final grasp on the solution.
0
 
LVL 59

Accepted Solution

by:
Darius Ghassem earned 500 total points
ID: 22798213
This will allow you to add users across all TS.

http://technet.microsoft.com/en-us/library/cc776790.aspx
0
 

Author Closing Comment

by:RWB_Support
ID: 31508923
Thanks for the great help. I apollogize for the delay in awarding you the points, I was away.
0

Featured Post

Optimizing Cloud Backup for Low Bandwidth

With cloud storage prices going down a growing number of SMBs start to use it for backup storage. Unfortunately, business data volume rarely fits the average Internet speed. This article provides an overview of main Internet speed challenges and reveals backup best practices.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

After having deployed hundreds of thousands of Terminal Services seats worldwide, I still see all the time people asking me that same old question: "If TS/RDS is that reliable why are you telling me I should reboot it that often? My DC/SQL/Exchange/…
On a regular basis I get questions about slow RDP performance, RDP connection problems, strange errors and even BSOD, remote computers freezing or restarting after initiation of a remote session. In a lot of this cases the quick solutions made b…
Internet Business Fax to Email Made Easy - With eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, fr…
As a trusted technology advisor to your customers you are likely getting the daily question of, ‘should I put this in the cloud?’ As customer demands for cloud services increases, companies will see a shift from traditional buying patterns to new…

867 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

23 Experts available now in Live!

Get 1:1 Help Now