Solved

Terminal Services Login - Windows Enterprise R2

Posted on 2013-06-13
2
306 Views
Last Modified: 2013-08-30
I have seen this behavior on a Windows 2008 Enterprise

:to logon to this remote computer, you must be granted the "allow log on through terminal services right"  etc.

The RDP has the users we want to access but still can't RDP .. any suggestions?
Capture.GIF
0
Comment
Question by:shoris
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 26

Accepted Solution

by:
pony10us earned 500 total points
ID: 39245244
There are a couple of things to consider. There is a good article explaining the difference between the GPO and the RDP users group:

http://blogs.technet.com/b/askperf/archive/2011/09/09/allow-logon-through-terminal-services-group-policy-and-remote-desktop-users-group.aspx
0
 

Expert Comment

by:techlabtest
ID: 39245312
Check this...it could helps..but it's for win server 2003....


We need to do this through Group Policy.  Open Active Directory Users and Computer, right click on an OU, select properties and click on the group policy tab. Click on new, give it a name for example Admin Access to remote.  Select the file and click on Edit.
Group Policy Object Editor opens.  Select Computer Configuration, Windows Settings, Security Settings, Local Policies, User Rights Assignment.  On the right pane double click Allow log on through Terminal Services or Remote Desktop Connections.  Under this properties window, click on add user or group and select Domain Admins.  You can add any user you want.  Means that in this tutorial only domain Administrator would have access to use remote desktop connection.  Click ok..etc etc…and close all windows.
0

Featured Post

Office 365 Training for IT Pros

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I was prompted to write this article after the recent World-Wide Ransomware outbreak. For years now, System Administrators around the world have used the excuse of "Waiting a Bit" before applying Security Patch Updates. This type of reasoning to me …
Uncontrolled local administrators groups within any organization pose a huge security risk. Because these groups are locally managed it becomes difficult to audit and maintain them.
This tutorial will show how to configure a new Backup Exec 2012 server and move an existing database to that server with the use of the BEUtility. Install Backup Exec 2012 on the new server and apply all of the latest hotfixes and service packs. The…
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…

623 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question