Solved

Unable to edit the Log on Through terminal services local policy setting

Posted on 2009-04-08
4
764 Views
Last Modified: 2012-05-06
Hi all,
Windows Server 2003 R2 Terminal Services
SBS Server 2003 Standard PDC

Customer is having trouble trying to log in to the Terminal server using the domain admin account.
When opening gpedit.msc >>COmputer configuration >> Windows Settings>> Security Settings >> Local policy>> User rights assignment>> Allow log on through Terminal Services AND Allow log on locally

Both policies above can not be edited and the Add user or group button is greyed out.
Again we are logged in using the domain administrator account so i wonder where to start?

Appreciate your help.

Dearg



To log on this remote computer, you must be granted the Allow log on through Terminal Services right.  By default, members of the Remote Desktop Users group have this right.  If you are not a member of the Remote Desktop Users group or another group that has this right, or if the Remote Desktop User Group does not have this right, you must be granted this right manually

Open in new window

0
Comment
Question by:vitsolutions
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 
LVL 10

Expert Comment

by:Darylx
ID: 24097309
See if the policy is set in the default domain controllers policy.
0
 
LVL 3

Accepted Solution

by:
Popeyediceclay earned 500 total points
ID: 24097366
Probably because it's being applied at the domain level.  Open the Active Directory Users and Computers mmc and right-click the Domain Controllers OU and select Properties, change to the Group Policy tab and see if you can edit the policy that way.
0
 
LVL 3

Expert Comment

by:Popeyediceclay
ID: 24097396
Yeah, what Darylx said!
0
 

Author Closing Comment

by:vitsolutions
ID: 31568035
Thank you, i discovered this was controlle by a policy at the root of the domain level.
0

Featured Post

[Webinar] Code, Load, and Grow

Managing multiple websites, servers, applications, and security on a daily basis? Join us for a webinar on May 25th to learn how to simplify administration and management of virtual hosts for IT admins, create a secure environment, and deploy code more effectively and frequently.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

by Batuhan Cetin In this article I will be guiding through the process of removing a failed DC metadata from Active Directory (hereafter, AD) using the ntdsutil tool in a Windows Server 2003 environment. These steps are not necessary in a Win…
I guess it is not common knowledge to most Wintel engineers/administrators: If you have an SNMP-based monitoring system in your environment (and it's common to have SNMP or Syslog) it's reasonably easy to enable monitoring of the Windows Event logs,…
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…
Are you ready to implement Active Directory best practices without reading 300+ pages? You're in luck. In this webinar hosted by Skyport Systems, you gain insight into Microsoft's latest comprehensive guide, with tips on the best and easiest way…

738 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question