Can't RDP into the server

Posted on 2009-05-04
Last Modified: 2013-11-21
I tried installing Terminal Services from Elusiva on a Server running Server 2003.  They offer it a little cheaper and I was happy with their Terminal Services pro on Xp which provides a good solution for small business.

I didn't work out too well for Server 2003 standard however so I uninstalled it. The config is set to remote desktop for administration but when I try to log in (domain admin) I get:

To log on to this remote computer, you must have Terminal Server User Access Permissions on this computer. By default, members of the Remote Desktop group have these permissions. If you are not a member of the Remote Desktop Users group or another group that has these permissions, or if the Remote Desktop User group does not have these permissions, you must be granted these permissions manually.

I tried:
1.      Run Add/Remove Programs (run "appwiz.cpl")
2.      Click Add/Remove Windows Components (Alt-W)
3.      Uncheck Terminal Server
4.      Press Next>.
5.      Follow instructions, including rebooting.
6.      Open System control panel applet (run "sysdm.cpl")
7.      Click Remote tab.
8.      Check Enable Remote Desktop on this computer. (because removing Terminal Server disables this)
9.      Click Select Remote Users...

Everything I can find says that Terminal Services is in admin mode but still I get that error one would get if a user was not in remote desktop group and it was in applications mode.  Is there a key I need to check or something?

Question by:ccampbell15
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
  • 2
  • +1

Expert Comment

ID: 24301581
First things first. Have you checked: Enable remote desktop on this computer in System properties

Expert Comment

ID: 24301582
Oops ignore that comment
LVL 14

Expert Comment

ID: 24302868
1. Check to see if the account you are trying to connect as is a member of the Remote Desktop Users group. (Go to Start > Run and enter  "control userpasswords2" > Advanced Tab> Advanced user Management and check membership on "Remote Desktop Users" group.

2. Open Gpedit and check the user account/Remote Desktop Users group is allowed to log on through terminal services. (Computer Configuration > Windows Settings > Security Settings > Local Policies > User Rights Assignment > Allow log on through Terminal Services)

Hope this helps.
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!


Author Comment

ID: 24303024
I have disabled (or so I think) applications mode and am logging in as a domain admin. Remote is enabled in the system icon of program files.  I can't use the first snap-in you mention because it's a DC. Small business and the ONE Server is everything.

Remote desktop users group should not be allowed to login via TS at this point since it's in remote admin mode.

LVL 14

Accepted Solution

Raj-GT earned 500 total points
ID: 24303079
In which case the GPO should have the Administrators group.
Also check under Terminal Services Configuration > RDP-Tcp properties > Permissions tab to see if the Administrators group has full rights to connect to the server.


Expert Comment

ID: 24303628
Are you able to telnet to port 3389?

Author Closing Comment

ID: 31577878
You were right!  I never edited this GPO so it's a bit of a mystery how/why it was changed.



Featured Post

What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Welcome to my series of short tips on migrations. Whilst based on Microsoft migrations the same principles can be applied to any type of migration. My first tip is around source server preparation. No migration is an easy migration, there is a…
Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
Monitoring a network: how to monitor network services and why? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the philosophy behind service monitoring and why a handshake validation is critical in network monitoring. Software utilized …
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…

628 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question