I have an interesting issue going on in our w2k3 AD environment. Some of our IT staff had been mysteriously denied their access to terminal servers. They come in one morning and found they cant log on to any servers. I later found under their user properties, in the terminal server tab, Allow logon to terminal Server was unchecked. It happened to couple of staff and some of them even have domain admin rights.
I wonder if anybody else had the same issue before so we can know what could have triggered this. If not, how can I monitor the change on that particular setting to find out whom or what made the change?
Thanks in advance for your help.