<div>
&quot;The only way it would work is if I add the user to the remote desktop users group on the the machine I'm trying to RDP to.&quot;<br />
This is by design,<br />
<br />
Are you taking into consideration AD replication intervals after making group membership changes?<br />

</div>


"The only way it would work is if I add the user to the remote desktop users group on the the machine I'm trying to RDP to."
This is by design,

Are you taking into consideration AD replication intervals after making group membership changes?


<div>
<div class="content wysiwyg-content">
I have setup a two way forest trust between two seperate forest. In forest A I have a root domain called domain1 and a child domain called domain2. <br />
<br />
In forest B there is one domain. I have created the forest level trust between the root domain in forest a and the one domain in forest b.<br />
<br />
Everything works great but when I try to allow users from domain2 in forest A to use RDP to a server in forest b it will not work. <br />
<br />
The only way it would work is if I add the user to the remote desktop users group on the the machine I'm trying to RDP to.<br />
<br />
If I add the user to a group &nbsp;and add that group to the local remote desktop users group on the server I'm trying to access it fails. <br />
<br />
It gives the error that you must be a memer of remote desktop users to access the machine when it fails.<br />
<br />
Any ideas? <br />
<br />

</div>
</div>


I have setup a two way forest trust between two seperate forest. In forest A I have a root domain called domain1 and a child domain called domain2. 

In forest B there is one domain. I have created the forest level trust between the root domain in forest a and the one domain in forest b.

Everything works great but when I try to allow users from domain2 in forest A to use RDP to a server in forest b it will not work. 

The only way it would work is if I add the user to the remote desktop users group on the the machine I'm trying to RDP to.

If I add the user to a group  and add that group to the local remote desktop users group on the server I'm trying to access it fails. 

It gives the error that you must be a memer of remote desktop users to access the machine when it fails.

Any ideas? 



Cant use remote desktop across trust

Operating system security (OS security) is the process of ensuring OS integrity, confidentiality and availability. OS security refers to specified steps or measures used to protect the OS from threats, viruses, worms, malware or remote hacker intrusions. OS security encompasses all preventive-control techniques, which safeguard any computer assets capable of being stolen, edited or deleted if OS security is compromised, including authentication, passwords and threats to systems and programs.

OS Security

Active Directory (AD) is a Microsoft brand for identity-related capabilities. In the on-premises world, Windows Server AD provides a set of identity capabilities and services, and is hugely popular (88% of Fortune 1000 and 95% of enterprises use AD). This topic includes all things Active Directory including DNS, Group Policy, DFS, troubleshooting, ADFS, and all other topics under the Microsoft AD and identity umbrella.