Having issues with allowing a normal user remote desktop connection to domain controller.

When attempting to logon Terminal Services running on a DC, I receive this message: "To log on this remote computer, you must be granted the Allow log on through Terminal Services right.  By default, members of the Remote Desktop Users group have this right.  If you are not a member of the Remote Desktop Users group or another group that has this right, or if the Remote Desktop User Group does not have this right, you must be granted this right manually."

Now I have tried several solutions:

- Assigning the user to "The Allow log on through Terminal Services" right, using local policy(gpedit.msc).
- Assign permission to use TS Configuration. Go to that, select the properties of RDP-Tcp.
- The Allow logon to terminal server check box under user properties.
- Assign the user to Access this computer from network.
- Assign the user to Allow log on locally.

It seems none of this is allowing the user to log in I was hoping someone could help with this and help me get my head around it.
mattskiverAsked:
Who is Participating?
 
WeirdoBcConnect With a Mentor Commented:
Most user rights for DCs are setted using the Domain Controller GPO. I'd suggest to add your users to the Remote Desktop Users group (Domain Local since your server is a DC). Also, make sure that you installed the Terminal service in Application mode.
0
 
Pete LongTechnical ConsultantCommented:
Hello mattskiver,

Your  methodology is sound? however if this is a DC what has been set in the domain controller securty policy?

Regards,

PeteLong
0
 
mattskiverAuthor Commented:
Domain Controllers security policies have not be touched, and most remain either 'not configured' or 'not defined' well their at default values.
0
Improve Your Query Performance Tuning

In this FREE six-day email course, you'll learn from Janis Griffin, Database Performance Evangelist. She'll teach 12 steps that you can use to optimize your queries as much as possible and see measurable results in your work. Get started today!

 
mattskiverAuthor Commented:
Administrators can log in through terminal services, it is only the users who cannot connect, the users have been added to Remote Desktop Users Group and we still proceed to having the same problem. If possible could anyone post a template of their user permissions in group policies so I can compare what we have?
0
 
WeirdoBcCommented:
"Also, make sure that you installed the Terminal service in Application mode."
0
 
mattskiverAuthor Commented:
"Also, make sure that you installed the Terminal service in Application mode." We have installed this feature as adminsitrators can log in using RDC, user can not currently. It allows 2 users to RDC at any one time.
0
 
mattskiverAuthor Commented:
Thanks, the link helps but I am not sure about one thing I currently have active directory on a dc I am giving access to the user on the dc to connect through remote desktop, now the active directory is replicated onto a second server but it does not let me remote desktop in to it any ideas?
0
 
mattskiverAuthor Commented:
We are still stuck with this problem does anyone have any ideas?
0
 
mattskiverAuthor Commented:
It was ts having to be in terminal service mode
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.