maximus7569
asked on
Users connecting from Remote Web Workplace
We have users who are trying to connect from home to their computers at work using the Remote Web Workplace portal in SBS2008. When they connect they get this error:
To log on to this remote computer, you must be granted the Allow log on through Terminal Services right. Be default, members of the Remote Desktop Users group have this right. If you are not a member of the Remote Desktop Users group or another group that has this right, or if the Remote Desktop Users group does not have this right, you must be granted this right manually.
We have given them access to their machine as it shows up when they login and they get asked for credentials but then they get this error.
What do I need to do to get them to remote in?
To log on to this remote computer, you must be granted the Allow log on through Terminal Services right. Be default, members of the Remote Desktop Users group have this right. If you are not a member of the Remote Desktop Users group or another group that has this right, or if the Remote Desktop Users group does not have this right, you must be granted this right manually.
We have given them access to their machine as it shows up when they login and they get asked for credentials but then they get this error.
What do I need to do to get them to remote in?
ASKER
Should it not work without creating a custom GPO? I am just going on the SBS thinking.
Not necessarily... it all depends on how the domain came in to existence, whether it was a virgin config or a migration.
It could be that your computers are not in the correct OU from a migration to have the settings implied by SBS 2011 policy.
Forcing a new GPO is removable, you can select all domain computers as the target and the user remote policy will control who can access what.
It could be that your computers are not in the correct OU from a migration to have the settings implied by SBS 2011 policy.
Forcing a new GPO is removable, you can select all domain computers as the target and the user remote policy will control who can access what.
ASKER
Ah yes this was a domain migration and I have noticed that is really the only hiccup we are seeing. Everything went well.
So it would be better to create this GPO?
So it would be better to create this GPO?
Yes, that way you dont have to move computer accounts around in AD...
ASKER
Ok I will try that. Thanks.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Computer Configuration, Administrative Templates, Windows Components, Remote Desktop Services, Remote Desktop Sessions, Connections: Allow users to connect remotely using Remote Desktop Services...set to enabled.
Run GPUPDATE on server
Run GPUPDATE /FORCE on workstation and reboot.