Solved

Users can't remote after migration

Posted on 2010-08-16
8
349 Views
Last Modified: 2013-11-21
I just preformed a swing migration from SBS to 2003 standard.  Everything went fine so it has seemed.  I just added a new server to the domain that is a stand alone.  It is to be a Windows Terminal Server.  None of my users can log onto the new server using RDP.  So I checked to make sure the users were part of the remote desktop users group.  They were so then I checked to see if the users could log onto the DC.  They still couldn't.  I can't seem to find what's wrong with my AD to see why these users can't logon remotely.  Help!!
0
Comment
Question by:johnpatbullock
8 Comments
 
LVL 20

Expert Comment

by:woolnoir
ID: 33448870
Whats the error... and whats in the security log for the server ?
0
 
LVL 3

Expert Comment

by:mijared
ID: 33448898
There can be lots of reasons why users can't log into a terminal server.

1 Check the firewall on the server.
2 Check the GPO for this server, look for Comp Config > Admin Temp > Windows Components > Terminal Services > Allow users to connect remotely.
3 Check that the RDP group is allowed to connect to the server. Check this in Terminal services configuration.

Michael
0
 
LVL 4

Accepted Solution

by:
Jamie_Wilson earned 500 total points
ID: 33448932
If the TS server is not a DC, make sure the users are members of the local remote desktop users group
0
NAS Cloud Backup Strategies

This article explains backup scenarios when using network storage. We review the so-called “3-2-1 strategy” and summarize the methods you can use to send NAS data to the cloud

 

Author Comment

by:johnpatbullock
ID: 33448988
I know the firewall is ok.  I can logon remotely using the domain admin account.
0
 
LVL 20

Expert Comment

by:woolnoir
ID: 33448997
show us what the server logs are saying while attempting to login with a user account... at present we have little information to work on.
0
 

Author Comment

by:johnpatbullock
ID: 33449230
It seems only domain admins can logon.  When a normal user tries the message is "To log on to the remote computer, you must be granted the Allow log on through Terminal Services right."  Even though these users have that right??  I get no errors in application or system even viewer.  
0
 
LVL 5

Expert Comment

by:SteelerPaz
ID: 33455344
Sounds like you need to focus on Step 3.  Domain admins always have the rights.

To enable Remote Desktop via group policy, you need to:

1. Enable Remote Desktop,
2. Create the inbound firewall rule,
3. (Optionally) Configure the groups allowed to connect.

You can do this by using the following settings:

1. Computer Configuration > Admin Templates > Windows Components > Remote Desktop Services > Remote Desktop Session Host > Allow users to connect remotely using Remote Desktop Services = Enabled

2. Computer Configuration > Windows Settings > Security Settings > Windows Firewall with Advanced Security > Windows Firewall with Advanced Security > Inbound Rules
2a. Right-click -> New Rule...
2b. Predefined -> Remote Desktop, Next, Next
2c. Allow the connection, Finish.

3. Computer Configuration > Windows Settings > Security Settings > Restricted Groups
3a. Right-click -> Add Group,
3b. Use the Browse button to find the domain group that has all the users you want to be able to use RDP in it, click OK,
3c. Click the second Add button (for "This group is a member of:",
3d. Type, Remote Desktop Users, then click OK twice to confirm the policy setting.
0
 
LVL 17

Expert Comment

by:Spike99
ID: 33465636
I think that error indicates that the user is NOT a member of the local Remote Desktop Users group on the server.  Since these users are already members of the Remote desktop Users group, I would check terminal servicies configuration:

click on Start > All programs > administrative tools > terminal services configuration

Double click on the RDP-TCP in the right hand panel. Click on the permissions tab:
make sure the Remote Desktop Users group is granted "user" and "guest" access to the server.
I hope this helps.

Alicia
0

Featured Post

Optimizing Cloud Backup for Low Bandwidth

With cloud storage prices going down a growing number of SMBs start to use it for backup storage. Unfortunately, business data volume rarely fits the average Internet speed. This article provides an overview of main Internet speed challenges and reveals backup best practices.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Server 2016 licensing 11 872
Server HP DL380 G7 13 47
Task with PowerShell Script is failing with 0x41301 7 121
Active Directory delegation of control to a user 3 120
Remote Desktop Protocol or RDP has become an essential tool in many offices. This article will show you how to set up an external IP to point directly to an RDP session. There are many reasons why this is beneficial but perhaps the top reason is con…
Welcome to my series of short tips on migrations. Whilst based on Microsoft migrations the same principles can be applied to any type of migration. My first tip is around source server preparation. No migration is an easy migration, there is a…
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…

828 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question