mlsbraves
asked on
Setting permissions from Active Directory to allow domain users to connect through rdp
Hello experts,
I have converted our corporate office to a virtual environment and also added a domain controller, I am now trying to connect all thin clients to the VM's. I can login with administrator but no other accounts work. I know by default only admins and Remote Desktop Users can access rdp. I added the group Remote Desktop Users to all the users under Active Directory but that still didn't work. I do see that all users can rdp into the Active Directory server now which is something I don't want. I also added this policy in my GPO:
Computer Policy\Computer Configuration\Windows Settings\Security Settings\Local Policies\User Rights Assignment\Allow logon through Terminal Services--->I added the Domain Users group to this.
Also enabled Remote Desktop from the GPO as well.
So how can I allow all my users to connect through RDP while blocking them from logging into the servers.
I also have Windows Firewall temporally disabled until everything is up and running without issues.
Active Directory: Windows Server 2008 R2
Workstations: Windows 7 Pro
I have converted our corporate office to a virtual environment and also added a domain controller, I am now trying to connect all thin clients to the VM's. I can login with administrator but no other accounts work. I know by default only admins and Remote Desktop Users can access rdp. I added the group Remote Desktop Users to all the users under Active Directory but that still didn't work. I do see that all users can rdp into the Active Directory server now which is something I don't want. I also added this policy in my GPO:
Computer Policy\Computer Configuration\Windows Settings\Security Settings\Local Policies\User Rights Assignment\Allow logon through Terminal Services--->I added the Domain Users group to this.
Also enabled Remote Desktop from the GPO as well.
So how can I allow all my users to connect through RDP while blocking them from logging into the servers.
I also have Windows Firewall temporally disabled until everything is up and running without issues.
Active Directory: Windows Server 2008 R2
Workstations: Windows 7 Pro
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.