Solved

How does a domain user RDP into a server?

Posted on 2011-03-07
9
544 Views
Last Modified: 2013-11-21
We have quick books installed on a member server.  We need a user to remote into this server in order to access quick books from a remote office.  Their is a VPN setup and they can remote in but when they do, it states that they need to be part of the remote desktop groups.  How can we allow this user to remote in without having to give them admin access to this server to remote in?
0
Comment
Question by:maximus7569
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
  • 2
  • +2
9 Comments
 
LVL 2

Assisted Solution

by:xchange
xchange earned 250 total points
ID: 35062156
On the member server:
Right-click "My computer" | Manager
"Local Users and Groups"
add the user into the "remote desktop users" group.
0
 
LVL 34

Accepted Solution

by:
Paul MacDonald earned 250 total points
ID: 35062174
On the member server, right-click on "My Computer" or go to Start -> Programs - > Administrative Tools and select "Manager your server"

In the Computer Management utility, select Local Users and Groups, then Groups.  On the right-hand side you'll see a list of local groups.  One is Remote Desktop Users.  Open that group and add the user's domain account to the group. That should do it.
0
 

Author Comment

by:maximus7569
ID: 35062319
Thanks guys that did the trick.  Now will that keep them from installing anything or making any changes?
0
Back Up Your Microsoft Windows Server®

Back up all your Microsoft Windows Server – on-premises, in remote locations, in private and hybrid clouds. Your entire Windows Server will be backed up in one easy step with patented, block-level disk imaging. We achieve RTOs (recovery time objectives) as low as 15 seconds.

 
LVL 34

Expert Comment

by:Paul MacDonald
ID: 35063746
Depends on what you mean.  Adding users to the Remote Desktop Users group gives them the ability to remote in, but doesn't necessarily give them elevated permissions on the machine.  Their local permissions will depend on who they log in as.  As such, if the user is just a User (as opposed to a Power User or Administrator or somesuch), then they can only do things users can do.
0
 
LVL 16

Expert Comment

by:Shaik M. Sajid
ID: 35067898
the scenario seems to be very...

server by default can access only  2 sessions.

if u want to access more than 2 sessions u need terminal server ...

try this ... microsoft giving free access of 90 days terminal server license.

to install the terminal server see this article

http://wn.com/Windows_Server_2003__Terminal_Server_Installation

then the second option is publishin you application (quick books)  to terminal server to access remote users...
see this link.
http://wn.com/Terminal_server_configuration

there are lot of third party applications to publish your app to access remotely...

i.E   Citrix Xenapp   www.citrix.com

const effactive and good in performance   2x application server   www.2x.com
0
 

Author Comment

by:maximus7569
ID: 35069617
This is for server 2008, do you have links for that?
0
 
LVL 27

Expert Comment

by:Steve
ID: 35072194
I agree with shaiksaj. This is a bit odd.

Unless you have terminal server licenses, the server is only able to perform RDP sessions for administration. You cannot properly prevent this user from making changes without issues.

Either install terminal server licenses or change you plan asap. users logging onto servers is always a bad plan.

If you are unsure, log in as the user and try to change something. If it lets you, they could potentially shut the server down, change config or completely screw it up.
0
 

Author Comment

by:maximus7569
ID: 35088273
Thanks guys!  I will setup terminal server.  Who gets the points?
0
 
LVL 27

Expert Comment

by:Steve
ID: 35100071
It's up to you mate. choose which answer (or answers) helped you the most.

Glad you've come to a decision. Users logging into server is always a recipe for disaster....
0

Featured Post

Space-Age Communications Transitions to DevOps

ViaSat, a global provider of satellite and wireless communications, securely connects businesses, governments, and organizations to the Internet. Learn how ViaSat’s Network Solutions Engineer, drove the transition from a traditional network support to a DevOps-centric model.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A company’s centralized system that manages user data, security, and distributed resources is often a focus of criminal attention. Active Directory (AD) is no exception. In truth, it’s even more likely to be targeted due to the number of companies …
Active Directory security has been a hot topic of late, and for good reason. With 90% of the world’s organization using this system to manage access to all parts of their IT infrastructure, knowing how to protect against threats and keep vulnerabil…
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

739 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question