Solved

RDS on 2008 R2 Server Running Active Directory

Posted on 2011-09-06
7
609 Views
Last Modified: 2012-05-12
I know this is not "Best Practice" - But I need to have RDS running on a 2008 R2 Server running AD.  This is their only server.   I have everything configured except - I get an error stating that the account must be an administrative account.    I have read that you can enable "Allow log on thorugh Remote Desktop Service" in the group policy.  But I cannot find where this is located on the Domain Controller?   I am looking in the GBMC.MSC?   Wrong place?

COPIED:
Start Group Policy Management Editor and edit “Default Domain Controller” policy. Locate “Allow log on through Remote Desktop Services” User rights setting (Computer Configuration\Windows Settings\Security Settings\Local Policies\User Rights Assignment\). Add the new security group and close the management console.

Thanks
0
Comment
Question by:Perry_Wood
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
  • 2
  • +1
7 Comments
 
LVL 2

Expert Comment

by:David11011
ID: 36489971
I know about 5 things that fit the acronym RDS. Which one are you using?
0
 
LVL 70

Expert Comment

by:KCTS
ID: 36489974
Set it in the Group Policy Management console and either apply it to the Domain Controllers OU or to the domain itself.
0
 
LVL 2

Expert Comment

by:David11011
ID: 36489977
oh lol I guess I should have read the tags. RDS terminal server. Nevermind
0
Get 15 Days FREE Full-Featured Trial

Benefit from a mission critical IT monitoring with Monitis Premium or get it FREE for your entry level monitoring needs.
-Over 200,000 users
-More than 300,000 websites monitored
-Used in 197 countries
-Recommended by 98% of users

 
LVL 37

Expert Comment

by:Neil Russell
ID: 36490275
Not best practice? Its about as far from it as you can get.  IF the customer wants RDS running then YOU as their technology specialist should only give one answer. "You need another server."

The risk to their business is immense. And ONLY 1 server? What happens when the AD corrupts and NOBODY can log in to ANY workstation?

I would suguest you go back and tell them to either invest or sign a disclaimer saying its NOT your fault when it all goes pete tong!!
0
 

Author Comment

by:Perry_Wood
ID: 36491063
KCTS - Can you be more specific as to where this is?  I must be looking in the wrong locaction.  If I run the GBMC.MSC from the run command and bring up the Group Policy Manager, and drill down to the domain conftroller . . . Click on the tab that says setting,   . . . where to from there, or am I in the wrong location.  Thank you!
0
 
LVL 37

Accepted Solution

by:
Neil Russell earned 500 total points
ID: 36491198
Start>Run>gpedit.msc
In left pane, expand Computer Configuration>Windows settings>Security Settings>Local policies>User Rights Assignment
Now in right-pane, double-click "Allow log on through terminal services" then click add and add non-administrative users.
Start>run>gpupdate /force

0
 

Author Closing Comment

by:Perry_Wood
ID: 36491696
THANK YOU!!!!!!!!!
0

Featured Post

The Eight Noble Truths of Backup and Recovery

How can IT departments tackle the challenges of a Big Data world? This white paper provides a roadmap to success and helps companies ensure that all their data is safe and secure, no matter if it resides on-premise with physical or virtual machines or in the cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Scenario:  You do full backups to a internal hard drive in either product (SBS or Server 2008).  All goes well for a very long time.  One day, backups begin to fail with a message that the disk is full.  Your disk contains many, many more backups th…
For anyone that has accidentally used newSID with Server 2008 R2 (like I did) and hasn't been able to get the server running again because you were unlucky (as I was) and had no backups - I was able to get things working by doing a Registry Hive rec…
This tutorial will give a short introduction and overview of Backup Exec 2012 and how to navigate and perform basic functions. Click on the Backup Exec button in the upper left corner. From here, are global settings for the application such as conne…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
Suggested Courses

623 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question