for some reason, a user that has been able to RDP into a server for the past several months stopped working today. It is giving me the error of the users need to be Allowed logon through Terminal Services. I took a look at the GPO and found that it is set to only allow the administrators group access to RDP. However, I am not able to add another group or user.
The user in question is the owner of the company, so I have made them a local admin for the time being so they have access to the accounting program, but I would like to correct this properly. I am also looking into why this has suddenly changed. Any ideas on how to correct this so I can add her user name to the abiility to access RDP on the server? the server is not a DC and she was accessing the RDP with a account that is local to the server. I was using gpedit.msc directly on the server instead of going to the DC. Could a GPO for the OU prevent me from making any changes to the groups and users that can be granted access through terminal services?