asked on Unable to RDP to a W2k3 Server after joining the domain.
We rename a Windows 2003 server and join it to the domain from workgroup. When I login as a domain user, I am getting a message - Please see the screen shot.
I have already make sure the user belongs to the local Remote Desktop Users group which has permission to remote in. Both TS Licensing and Terminal Services are running.
I was able to RDP to it when It
Please advise what else to check.
Thanks.
TS-Error.bmp
I have already make sure the user belongs to the local Remote Desktop Users group which has permission to remote in. Both TS Licensing and Terminal Services are running.
I was able to RDP to it when It
Please advise what else to check.
Thanks.
TS-Error.bmp
Windows Server 2008Windows Server 2003
Last Comment
nav2567
Try adding the user to the Remote Desktop Users group in Active Directory.
User is having admin rights or not?...check with the other server with the user account so that you will know there is a issue with access not with server.
Just check if you have set any GPO which having following user rights enabled for this server:
"Allow logon through terminal services"
If that's the case, you must have configured some domain groups there which can access server remotely
Just add user to that group and check
Mahesh
"Allow logon through terminal services"
If that's the case, you must have configured some domain groups there which can access server remotely
Just add user to that group and check
Mahesh
Have you tried to turn the firewall off on both machines to see if that works?
Moreover please try to create a new user and connect .
Thanks.
Moreover please try to create a new user and connect .
Thanks.
ASKER
The domain admin accounts can RDP. Domain users cannot.
I will double check what you have suggested to check and update later.
Merry Christmas, everyone!
I will double check what you have suggested to check and update later.
Merry Christmas, everyone!
ASKER
Mahesh, allow logon through terminal services has already been granted to all domain users.
Detlef001, firewall is off already..
Not sure what sure to try.
Thanks for the feed back.
Detlef001, firewall is off already..
Not sure what sure to try.
Thanks for the feed back.
ASKER
As mentioned, the server was renamed before joining the domain. Do you think that is the cause of what is happening?
On windows 2003 server, navigate to terminal services configuration->rdp-tcp->pr
and add "Domain Users" to the permissions tab and please check
Mahesh
and add "Domain Users" to the permissions tab and please check
Mahesh
ASKER CERTIFIED SOLUTION
THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
ASKER
Ratnesh,
The error message is "To log on to this remote computer, you mush have terminal server user access permission on this cojputer. By default, members of the remote desktop group have these permissions. If you are not a member of the remote desktop user group......"
I have already followed your suggestions in bullet 2, 3, 4 but same result. I still cannot login.
RDP-TCP properties security permission already shown local Remote Desktop Users group is included. The local Remote Desktop group does include the domain users group.
Sorry, I do not want to send a sceenshot over the internet.
Thanks for your feedback.
The error message is "To log on to this remote computer, you mush have terminal server user access permission on this cojputer. By default, members of the remote desktop group have these permissions. If you are not a member of the remote desktop user group......"
I have already followed your suggestions in bullet 2, 3, 4 but same result. I still cannot login.
RDP-TCP properties security permission already shown local Remote Desktop Users group is included. The local Remote Desktop group does include the domain users group.
Sorry, I do not want to send a sceenshot over the internet.
Thanks for your feedback.
What about step 1 , did you created a new user in seperate OU with no inheritance properties and that OU should not have any GP applied on it . Add that user to RD group or you can add it especially on the RDS machine. Check if it works or not.
Oh my bad , Did you mentioned that the role was already installed on the machine and later you joined the domain. If that so , its not the right approach. Add machine as member server and then add the role on it.
Oh my bad , Did you mentioned that the role was already installed on the machine and later you joined the domain. If that so , its not the right approach. Add machine as member server and then add the role on it.
ASKER
Sorry, I have tried that but they just don't work. I will have to revisit the issue later.
Thanks.
Thanks.