Solved

TS 2008 - Requested session access is denied

Posted on 2009-03-30
8
9,703 Views
Last Modified: 2013-11-21
I am receiving "The requested session access is denied" when attempting to log in to my experimental TS 2008 machine. This machine is also running domain controller role.  I know it's a bad idea, but it is just a test environment.

The problem I ran in to is that I can't add cross domain users into the Remote Desktop Users group. As a result, I created a new Domain Local group that has all my TS remote access accounts.
I went into Group Policy and updated the Default Domain Controller policy to include the new group, "Test Remote Users", but I'm still receiving the above error.  If anyone could point me to where this is hanging up I would appreciate it.
0
Comment
Question by:timbrigham
  • 4
  • 3
8 Comments
 
LVL 3

Expert Comment

by:stlbridge
ID: 24022080
Is that the full error message?
How are you connecting to your TS (Local/External)?
Is the computer connecting to the TS part of your domain?

First, I would check firewall settings on the TS.  Second, I would use the built-in remote users group.  Third, I would check to make sure that the TS isn't requiring the connecting computer to be the same OS for compatibility.  Fourth, let me know.
0
 
LVL 1

Author Comment

by:timbrigham
ID: 24022405
The connection is local.
The TS machine a separate domain  (requirement in the initial setup) and acting as a domain controller.
The onboard firewall has been disabled.

Unless I am missing something, I can not use the inbuilt remote user group, since it has problems with cross domain member assignment, and I can't change the group type of an inbuilt group.
The OS compatibility is not a problem - everything works with a local account assigned to the Remote Users group.
0
 
LVL 1

Accepted Solution

by:
timbrigham earned 0 total points
ID: 24022488
Under "Terminal Services Configuration", I missed updating the security on the RDP-Tcp object to include the new group I created.
 
I updated the gateway and remote app settings and web access settings and missed the most basic permission group. Hopefully someone else will save some time looking for a solution to this. :)
0
Better Security Awareness With Threat Intelligence

See how one of the leading financial services organizations uses Recorded Future as part of a holistic threat intelligence program to promote security awareness and proactively and efficiently identify threats.

 
LVL 3

Expert Comment

by:stlbridge
ID: 24022561
Have you setup the Domain Trusts?  I believe this can be done in the Active Directory Domains and Trusts settings.  If you go to the TS, then AD Domain and Trusts feature, right click on your domain, and then check to see that it trusts your other DC.
0
 
LVL 3

Expert Comment

by:stlbridge
ID: 24022568
Post what you did to fix it.
0
 
LVL 3

Expert Comment

by:stlbridge
ID: 24022582
Didn't update.  Good work on solving it.
0
 
LVL 1

Author Comment

by:timbrigham
ID: 24028576
Thanks for your help stlbridge.
0

Featured Post

Are your corporate email signatures appalling?

Is it scary how unprofessional your email signatures look? Do users create their own terrible designs and give themselves stupid job titles? You can make this a lot easier for yourself by choosing an email signature management solution from Exclaimer today.

Join & Write a Comment

Welcome to my series of short tips on migrations. Whilst based on Microsoft migrations the same principles can be applied to any type of migration. My first tip Migration Tip #1 – Source Server Health can be found listed in my profile here: http:…
Know what services you can and cannot, should and should not combine on your server.
Internet Business Fax to Email Made Easy - With eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, fr…
This video explains how to create simple products associated to Magento configurable product and offers fast way of their generation with Store Manager for Magento tool.

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now