Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

TS 2008 - Requested session access is denied

Posted on 2009-03-30
8
Medium Priority
?
9,730 Views
Last Modified: 2013-11-21
I am receiving "The requested session access is denied" when attempting to log in to my experimental TS 2008 machine. This machine is also running domain controller role.  I know it's a bad idea, but it is just a test environment.

The problem I ran in to is that I can't add cross domain users into the Remote Desktop Users group. As a result, I created a new Domain Local group that has all my TS remote access accounts.
I went into Group Policy and updated the Default Domain Controller policy to include the new group, "Test Remote Users", but I'm still receiving the above error.  If anyone could point me to where this is hanging up I would appreciate it.
0
Comment
Question by:timbrigham
  • 4
  • 3
7 Comments
 
LVL 3

Expert Comment

by:stlbridge
ID: 24022080
Is that the full error message?
How are you connecting to your TS (Local/External)?
Is the computer connecting to the TS part of your domain?

First, I would check firewall settings on the TS.  Second, I would use the built-in remote users group.  Third, I would check to make sure that the TS isn't requiring the connecting computer to be the same OS for compatibility.  Fourth, let me know.
0
 
LVL 1

Author Comment

by:timbrigham
ID: 24022405
The connection is local.
The TS machine a separate domain  (requirement in the initial setup) and acting as a domain controller.
The onboard firewall has been disabled.

Unless I am missing something, I can not use the inbuilt remote user group, since it has problems with cross domain member assignment, and I can't change the group type of an inbuilt group.
The OS compatibility is not a problem - everything works with a local account assigned to the Remote Users group.
0
 
LVL 1

Accepted Solution

by:
timbrigham earned 0 total points
ID: 24022488
Under "Terminal Services Configuration", I missed updating the security on the RDP-Tcp object to include the new group I created.
 
I updated the gateway and remote app settings and web access settings and missed the most basic permission group. Hopefully someone else will save some time looking for a solution to this. :)
0
[Webinar] Cloud and Mobile-First Strategy

Maybe you’ve fully adopted the cloud since the beginning. Or maybe you started with on-prem resources but are pursuing a “cloud and mobile first” strategy. Getting to that end state has its challenges. Discover how to build out a 100% cloud and mobile IT strategy in this webinar.

 
LVL 3

Expert Comment

by:stlbridge
ID: 24022561
Have you setup the Domain Trusts?  I believe this can be done in the Active Directory Domains and Trusts settings.  If you go to the TS, then AD Domain and Trusts feature, right click on your domain, and then check to see that it trusts your other DC.
0
 
LVL 3

Expert Comment

by:stlbridge
ID: 24022568
Post what you did to fix it.
0
 
LVL 3

Expert Comment

by:stlbridge
ID: 24022582
Didn't update.  Good work on solving it.
0
 
LVL 1

Author Comment

by:timbrigham
ID: 24028576
Thanks for your help stlbridge.
0

Featured Post

Hire Technology Freelancers with Gigs

Work with freelancers specializing in everything from database administration to programming, who have proven themselves as experts in their field. Hire the best, collaborate easily, pay securely, and get projects done right.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

My previous article  (http://www.experts-exchange.com/OS/Microsoft_Operating_Systems/Server/Windows_Server_2008/A_4466-A-beginners-guide-to-installing-SCCM2007-on-Windows-2008-R2-Server.html)detailed one possible method to get SCCM 2007 installed an…
Know what services you can and cannot, should and should not combine on your server.
Want to learn how to record your desktop screen without having to use an outside camera. Click on this video and learn how to use the cool google extension called "Screencastify"! Step 1: Open a new google tab Step 2: Go to the left hand upper corn…
Screencast - Getting to Know the Pipeline

783 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question