Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

User Access to Server 2012 Remote Desktop

Posted on 2014-03-05
3
Medium Priority
?
7,856 Views
Last Modified: 2014-03-05
Hello Techies

I've been deploying several Server 2012 machines over the last couple weeks and I'm having trouble getting users to be able to login via Remote Desktop Connection.

I added one of the staff members to the "Remote Desktop Users" security group, but got this error on the login screen after making the connection:
To sign in remotely, you need the right to sign in through Remote Desktop Services. By default, members of the Administrators group have this right. If the group you're in doesn't have this right, or if the right has been removed from the Administrators group, you need to be granted this right manually.
After a little digging I thought I might need to install the Remote Desktop Services role and the Remote Desktop Licensing Manager. I did that and added 20 Server 2012 Device CALs to the system. However, this did not resolve the issue.

What am I missing here?



Thanks,
Brian
0
Comment
Question by:SkinnerTech
  • 2
3 Comments
 
LVL 13

Accepted Solution

by:
Santosh Gupta earned 2000 total points
ID: 39907041
is this domain controller or member server ?

if member server then check the local GPO GPO_name\Computer Configuration\Windows Settings\Security Settings\Local Policies\User Rights Assignment
and see that Remote Desktop user is added to  "Allow log on through Remote Desktop Services" .

and its domain controller then also check "Allow logon locally" policy.
0
 

Author Comment

by:SkinnerTech
ID: 39907188
sgupta1181

That was it!

This is a secondary domain controller, so I made the following changes:

Group Policy\Computer Configuration\Policies\Windows Settings\Security Settings\Local Policies\User Rights Assignment\Allow log on locally
Account operators
Administrators
Backup Operators
Print Operators
Remote Desktop Users
The first four groups are allowed by default if this settings is not defined, as described on the 'Explain' tab, so I kept them on the list to avoid any compatibility issues.

Group Policy\Computer Configuration\Policies\Windows Settings\Security Settings\Local Policies\User Rights Assignment\Allow log on through Remote Desktop Services
Administrators
Remote Desktop users
Again, 'Administrators' are allowed by default if this settings is not defined, so if you want 'Administrators' to have Remote Desktop Access you either have to add them to the Remote Desktop Users group or add 'Administrators' to this setting.
0
 

Author Closing Comment

by:SkinnerTech
ID: 39907194
Great response time and accurate answer!
0

Featured Post

Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Like many organizations, your foray into cloud computing may have started with an ancillary or security service, like email spam and virus protection. For some, the first or second step into the cloud was moving email off-premise. For others, a clou…
How to deal with a specific error when using the Enable-RemoteMailbox cmdlet to create a mailbox in the cloud-based service, for an existing user in an on-premises Active Directory.
In this Micro Tutorial viewers will learn how to use Windows Server Backup to create full image of their system. Tutorial shows how to install Windows Server Backup Feature on Windows 2012R2 and how to configure scheduled Bare Metal Recovery backup.…
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…

916 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question