Solved

Windows server 2012 R2  Domain accounts can not Remote desktop

Posted on 2014-02-19
5
6,930 Views
Last Modified: 2014-03-17
Hello.  I just added my first windows server 2012 r2 into my network.  I allowed remote connections but can only use the local admin account to connect.  It will not accept any domain accounts.  I did join the server to the domain.  I also added the domain admin accounts to the remote desktop local groups and also the administrators local group.  When I try to RDP into it, it does not allow.  I can however use the local admin account of the server.

What also is strange.  When I use the HP lights out remote console, I am able to login using the domain admin accounts.  Looks like it is a remote desktop issue.

Thank you
0
Comment
Question by:bidgadget
5 Comments
 
LVL 27

Expert Comment

by:Jason Watkins
ID: 39870382
Could you check the local GPO and see which user/group is "allowed logon through terminal services"? Sounds like the only user allowed through that method is the local admin.
0
 
LVL 17

Expert Comment

by:jburgaard
ID: 39870444
0
 
LVL 5

Expert Comment

by:arjunvyavahare
ID: 39872610
Can you please check your machine's date and time and remote server's date and time which you want to take RDP.

Regards,
Arjun
0
 
LVL 11

Expert Comment

by:marek1712
ID: 39872711
Not sure when but if the server is DC it only allows to log in into RDP if user is added in the GPO section (not in the System porperties window). So add it in GPO. The policy is called: Allow log on through Remote Desktop Services.
0
 
LVL 11

Accepted Solution

by:
hecgomrec earned 500 total points
ID: 39873540
Here is my professional opinion on this.

Despite what Microsoft intensions are with the Remote Services, there is a growing issue among IT people that is hard to get at the beginning and I personally thing is because the lack of information about the three options available to remotely access a machine (server or not).  Which bring me to the point that no one... no one for any reason besides IT staff should ever log to server locally or remotely.


1. RDS - REMOTE DESKTOP SERVICES is a set of roles and features that will install security, policies and an authentication server and a license server for those who wants to connect.  Here you will need to expand your knowledge about Terminal Services to another level and once you get it installed you will have a grace period to buy your licences and you will no longer after that period able to use RDC to the server you installed these services.  I discover this when I installed Remote Desktop Web Access (RD Web Access).

2. RD Web Access - REMOTE DESKTOP WEB ACCESS, formerly Terminal Services Web Access (TS Web Access) is the service/role that will allow you to set a website access for your clients to get to their Computer Desktop, Virtual Desktop, a set applications or all of the above.  Here, you most install an RD Gateway to authenticate the users.

RD Gateway is a Service/role that will hold a set of rules/policies for the connection authorization and resources a group or a single client has access to.  This could be any server on your organization.

3. RDC -  REMOTE DESKTOP CONNECTION is a connection establish to a machine on a LAN or WAN (RD Gateway can be uses here too) as long as you know either the name or the IP address of the machine.  Here, the user who wants to connect most be certain that his username is previously authorized on the machine, not as a local user but granted permission to connect remotely even if he/she is already a local user and is logged to the target machine.

To achieve this connection, you most go into remote settings on the target computer (WKs or Server) and give permissions to all desired users (hope they all IT guys!)

Note: This option may not allow "switch user" and close the actual logged connection on the target computer.


Sorry I know is long but I hope it helps..... you can always RDC to a machine using the "/admin" after the machine name to log to a server with RDS installed.
0

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

When you upgrade from Windows 8 to 8.1 or to Windows 10 or if you are like me you are on the Insider Program you may find yourself with many 450MB recovery partitions.  With a traditional disk that may not be a problem but with relatively smaller SS…
What to do when Windows Update is not working correctly? What tools can I use to detect the cause of the malfunction problem? What does this numeric error code mean? These and other questions that you have been asking in the past are answered here (…
In this Micro Tutorial viewers will learn how to restore single file or folder from Bare Metal backup image of their system. Tutorial shows how to restore files and folders from system backup. Often it is not needed to restore entire system when onl…
This tutorial will walk an individual through the process of configuring basic necessities in order to use the 2010 version of Data Protection Manager. These include storage, agents, and protection jobs. Launch Data Protection Manager from the deskt…

920 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now