dankyle67
asked on
group policy for windows 2003 domain controller
Hi,
wanted to find out how to set up a group policy on a windows 2003 domain controller that would allow certain users to access it through terminal services. Currently, 2 users are able to access it and i can view them as having local profiles on this server but for some reason a previous user whose profile got corrupted can no longer access it through remote desktop session. I was told that on a domain controller there is no way to add local users and have to do this using active directory users and computers. Which is the correct way to add users to enable them to access this server through terminal services since when i tried using gpedit.msc the option to add users in terminal services is grayed out. thanks.
wanted to find out how to set up a group policy on a windows 2003 domain controller that would allow certain users to access it through terminal services. Currently, 2 users are able to access it and i can view them as having local profiles on this server but for some reason a previous user whose profile got corrupted can no longer access it through remote desktop session. I was told that on a domain controller there is no way to add local users and have to do this using active directory users and computers. Which is the correct way to add users to enable them to access this server through terminal services since when i tried using gpedit.msc the option to add users in terminal services is grayed out. thanks.
Win2003 Server allows 2 remote connections for ADMIN purposes. If you want more remote users and for them to maintain their own profiles you will need to install Terminal Services and buy licences. That said, its NOT a good idea to install Terminal Services on a DC as its a huge secirity risk - MS discourage it - and even prevent it on SBS servers.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
For some reason the user is not showing up under c:\documents and settings which reason i am having problem since i cannot delete it then cannot recreate user profile. This is why i am trying to find out if there is a domain policy that is restricting access for this particular user. This is a terminal server and am aware of the security issues relating to having it on a domain controller. We are planning to demote it to a member server down the road but for now, this user needs access remotely. Also, we have plenty of licenses for terminal server.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.