I'm having some real problems with getting new users to connect to a new 2008 R2 server with RDP. Ive set up hundreds of TS's before & never ran into this issue I'm having with W2K8 R2. Here is what I have created so far.
Server 1 = 1 X W2K8 R2 server & configured it as a PDC. Created some test users.
Server 2 = 1 X W2K8 R2 server & configured it with Remote desktop services. Is joined to server 1's domain.
Ive got around this issue previously by just making the front end terminal server a W2K3 R2 server & everything works fine. Add the relevant group to RDP users on the local server ( the front end terminal server) & away it goes. But I need to get it working with W2K8 R2 as I cant just keep doing that forever.
If I dont install the RDP role on server 2, the test users login fine. Although as per normal, without RDP role installed, only a couple of users can log on. If I install the RDP role on Server 2, test users get "access denied".
Event log on Server 2 shows: An account was succesfully logged on....but it didnt.
I have added the test users to the local rdp user group on Server 2, but when I click apply, it just empties the box. If I try to add it again, it says the user is already added. If I do the same thing on a W2K3 server, the users stay there.
I went to RD session host & security & added the users there, still no logon.
I went to the local security policy on Server 2 & user rights assignment & added the users there, but upon clicking apply, the users names appear as just a SID. Its like Server 2 sees it as an orphaned SID & cant identify what it should be associated with.
I went to the DC & added the relevant users to the group policy computer config/user rights assignment/Allow log on through RD services. Still no logon. Rebooted both server, still no logon.
Administrator logs on fine, but not test users. Even if I add a test user to administrators group, still no logon.
If I logon via the ip from outside the domain I get "access denied" & nothing interesting in the evnt logs. If I try & rdp onto Server 2 from itself I get Event 4625:
An account failed to log on.
Security ID: NULL SID
Account Name: -
Account Domain: -
Logon ID: 0x0
Logon Type: 3
Account For Which Logon Failed:
Security ID: NULL SID
Account Name: karen
Account Domain: XYZ
Failure Reason: Unknown user name or bad password.
Sub Status: 0xc000006a
The servers are only a few days old & no TS licensing is installed as yet, but its within the grace period so this shouldnt be an issue. I've never had so much trouble getting a windows server to act as a terminal server before until 2008.
Can anyone help?