RDC into windows 7 pro PC that is member of server 2012 standard domain using domain credentals

I have a windows 7 professional application server that is a member of a server 2012 standard domain.

I would like to RDP into the windows 7 Computer using the active directory credentials to establish the RDP session will this work and what syntax to I need to use in the RDP connection?
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Lee W, MVPTechnology and Business Process AdvisorCommented:
Enable remote access in the Windows 7 computer's System control panel.  Then you can connect to it.  It's that simple.  If you want to connect from outside the office, the intelligent thing would be to setup direct access on the remote clients or a VPN (cheaper).
If you are in a domain, you will also have to make sure the user in question is in the Remote desktop users group also.  Windows should open the RDP port (3389) in the firewall, if you enable it in the advanced options, but it doesn't hurt to check.

Also, if it is just for internal use, you are done, but if you are trying to do this from external, you will want to also forward the port from your WAN side to the internal IP of your computer in question.  Since you most likely will have RDP to a different machine, you may also want to have the machine listen on a custom RDP port, open that on the software firewall, and the forward that port to the machine in question.
Kash2nd Line EngineerCommented:
the above options are all valid and will work.

you can also use logmein.com and / or teamviewer etc which does a really good job.
10 Tips to Protect Your Business from Ransomware

Did you know that ransomware is the most widespread, destructive malware in the world today? It accounts for 39% of all security breaches, with ransomware gangsters projected to make $11.5B in profits from online extortion by 2019.

Maybe you would also like to configure single sign on?
See http://blogs.msdn.com/b/rds/archive/2007/04/19/how-to-enable-single-sign-on-for-my-terminal-server-connections.aspx - this is of course also possible with win7.
jaymvAuthor Commented:
I just really need to know if the RDP session will forward the AD credential over and authenticate the user on with windows 7 box with there AD sign on.  And what is the syntax of how the user should login in the RDP connecton box would be Domain/username:port# (not using standard RDP port of 3389
Syntax? Use the remotedesktop client mstsc.exe
About credential forwarding: You read my link? That's it.
Lee W, MVPTechnology and Business Process AdvisorCommented:
The RDP session is JUST LIKE sitting in front of the computer.  You log in exactly the same way.

You don't specify ports for login, you specify them for connection.
jaymvAuthor Commented:
Sorry to be vague

Well I am on site now and just as I suspected which is why I posted this question I can not establish and RDP connection to the windows 7 Desktop which is a member of the domain using active directory credentials When I try to connect to the windows 7 desktop with the AD credentials I get "the connection was denied because of the user account is not authorized for remote login:  in active directory on the DC the user is a member of the remote desktop connection group.  That user account is not present locally on the windows 7 box since I don't want ot have to maintain a second database of usernames and passwords locally on the the windows 7 box I want the domain credentials to be used for connecting to the windows 7 box
Lee W, MVPTechnology and Business Process AdvisorCommented:
So your settings appear to indicate the user can connect to the server, but not the Windows 7 system.  Look at the local groups on the Windows 7 system.  Are they in any of those?
The group in AD is by default NOT part of any clients' remote desktop authorized group.
Simply use restricted groups to deploy it to your liking: for example put the group domain users into the local group remote desktop users. Be aware what that would mean: any domain user may rdp into any computer the policy applies to (if, yes if he is allowed to logon to that workstation - that is a different privilege).
McKnife is correct, the remote desktop users group is only present by default if you are running a SBS network.  Otherwise, you will need to make the Group Policy to enable it.

So, you will need to
1. (On server)Create the GPO as described here and push to your workstations.
2. (On server) Add your users to the group you put in your GPO as being able to remote into the workstations.
3. (On workstation) If using a custom port number for a specific computer, (don't forget to open the port in the software firewall too) as described here
4. (from your workstation) Test from internal workstation that RDP is working on your port, using the AD credentials.  (also, don't forget, Windows 7 requires you to enter your domain as part of the user name, otherwise it will try a local account, so "domain\user" format.
5. (probably form your workstation) Update the WAN Firewall to forward your custom port, then I test by using an online port scanner like http://www.t1shopper.com/tools/port-scan/

You also do not want your users to use local account since it will also be a separate profile, and if they are like my users, they will leave themselves logged in, which in Windows 7 will prompt the user to allow someone to force log them out, and then finally allow the remote to log in.  Which if no one is there to click "ok", then you get nothing in the remote session.
Oh, you can also manually put in the user in question into the local workstation group by going to System properties, then remote settings (tab), then select users (button) then adding your user/group in question.  I like the GPO way better, so I can do all of workstation at the same time.  

You can technically do the firewall and the custom RDP port through GPO also, but it can be a pain to make sure they are applying correctly.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
jaymvAuthor Commented:
Thanks to all of you
Thanks to all, points to one. Why?
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows Networking

From novice to tech pro — start learning today.