[Last Call] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 496
  • Last Modified:

Users connecting from Remote Web Workplace

We have users who are trying to connect from home to their computers at work using the Remote Web Workplace portal in SBS2008.  When they connect they get this error:

To log on to this remote computer, you must be granted the Allow log on through Terminal Services right. Be default, members of the Remote Desktop Users group have this right. If you are not a member of the Remote Desktop Users group or another group that has this right, or if the Remote Desktop Users group does not have this right, you must be granted this right manually.


We have given them access to their machine as it shows up when they login and they get asked for credentials but then they get this error.

What do I need to do to get them to remote in?
0
maximus7569
Asked:
maximus7569
  • 3
  • 3
1 Solution
 
Gary ColtharpSr. Systems EngineerCommented:
We use a group policy setting in a custom GPO.....

Computer Configuration, Administrative Templates, Windows Components, Remote Desktop Services, Remote Desktop Sessions, Connections: Allow users to connect remotely using Remote Desktop Services...set to enabled.

Run GPUPDATE on server
Run GPUPDATE /FORCE on workstation and reboot.
0
 
maximus7569Author Commented:
Should it not work without creating a custom GPO?  I am just going on the SBS thinking.
0
 
Gary ColtharpSr. Systems EngineerCommented:
Not necessarily... it all depends on how the domain came in to existence, whether it was a virgin config or a migration.

It could be that your computers are not in the correct OU from a migration to have the settings implied by SBS 2011 policy.

Forcing a new GPO is removable, you can select all domain computers as the target and the user remote policy will control who can access what.

0
Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

 
maximus7569Author Commented:
Ah yes this was a domain migration and I have noticed that is really the only hiccup we are seeing.  Everything went well.

So it would be better to create this GPO?
0
 
Gary ColtharpSr. Systems EngineerCommented:
Yes, that way you dont have to move computer accounts around in AD...
0
 
maximus7569Author Commented:
Ok I will try that. Thanks.
0
 
Rob WilliamsCommented:
I would first try updating the user roles. In the SBS console go to users and groups | users | on the right select "change user role for user accounts" | select the role and add the users, complete the wizard. This will update there permissions and rights within the SBS 2008 domain that may not have been carried forward from the 2003 domain.

Based on your comments I assume you have granted them access under User propertes | remote access, And also under User properties Web sites, in the SBS console?
0

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

  • 3
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now