RDS on 2008 R2 Server Running Active Directory

I know this is not "Best Practice" - But I need to have RDS running on a 2008 R2 Server running AD.  This is their only server.   I have everything configured except - I get an error stating that the account must be an administrative account.    I have read that you can enable "Allow log on thorugh Remote Desktop Service" in the group policy.  But I cannot find where this is located on the Domain Controller?   I am looking in the GBMC.MSC?   Wrong place?

COPIED:
Start Group Policy Management Editor and edit “Default Domain Controller” policy. Locate “Allow log on through Remote Desktop Services” User rights setting (Computer Configuration\Windows Settings\Security Settings\Local Policies\User Rights Assignment\). Add the new security group and close the management console.

Thanks
Perry_WoodAsked:
Who is Participating?
 
Neil RussellConnect With a Mentor Technical Development LeadCommented:
Start>Run>gpedit.msc
In left pane, expand Computer Configuration>Windows settings>Security Settings>Local policies>User Rights Assignment
Now in right-pane, double-click "Allow log on through terminal services" then click add and add non-administrative users.
Start>run>gpupdate /force

0
 
David11011Commented:
I know about 5 things that fit the acronym RDS. Which one are you using?
0
 
Brian PiercePhotographerCommented:
Set it in the Group Policy Management console and either apply it to the Domain Controllers OU or to the domain itself.
0
Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

 
David11011Commented:
oh lol I guess I should have read the tags. RDS terminal server. Nevermind
0
 
Neil RussellTechnical Development LeadCommented:
Not best practice? Its about as far from it as you can get.  IF the customer wants RDS running then YOU as their technology specialist should only give one answer. "You need another server."

The risk to their business is immense. And ONLY 1 server? What happens when the AD corrupts and NOBODY can log in to ANY workstation?

I would suguest you go back and tell them to either invest or sign a disclaimer saying its NOT your fault when it all goes pete tong!!
0
 
Perry_WoodAuthor Commented:
KCTS - Can you be more specific as to where this is?  I must be looking in the wrong locaction.  If I run the GBMC.MSC from the run command and bring up the Group Policy Manager, and drill down to the domain conftroller . . . Click on the tab that says setting,   . . . where to from there, or am I in the wrong location.  Thank you!
0
 
Perry_WoodAuthor Commented:
THANK YOU!!!!!!!!!
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.