Remote Desktop not allowing a user to remote onto her machine

I used this question in the past to solve a Remote Desktop problem:

However today I have a problem that is not resolving.  A user needs to remote onto her desktop and I keep seeing this:

Login failed. (4320)
 Try using Administrator credentials or ensure you have User Access Control permissions.

what should I look at? Her machine is Win7Pro and the domain server is an SBS 2008.
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Randy DownsOWNERCommented:
See if  this helps must be logged on as a member of the Domain Admins security group.

Start the Remote Access Wizard.
Follow the instructions to complete the wizard.
Once you finish the wizard, you can configure client computers to remotely connect to the local network by doing one of the following:
To configure mobile client computers, such as laptops, that are currently connected to the local network, run the Set Up Computer Wizard, and then select the option to install Connection Manager.
To configure remote client computers not currently connected to the local network, you can create a remote connection disk. You can then use the disk to configure the remote client computer to connect to the local network. Alternatively, users can download Connection Manager from the Remote Web Workplace.
For more information about configuring client computers, see Connect remotely to the server. For more information about using the Remote Web Workplace, see Understanding Remote Web Workplace.
You must also assign users to the Mobile Users security group so they have the necessary permissions for remotely accessing the local network. To do so, assign the Mobile User template, Administrator template, or Power User template to the user account by doing one of the following:
To make existing users a member of this group, run the Change User Permissions Wizard.
If the user does not currently exist, run the Add User Wizard.
wfcrrAuthor Commented:
Still not able to get it working.  I can log on using the network administrator logon, but any other user credentials will not logon.
Randy DownsOWNERCommented:
Try this.

"Allow log on through Terminal Services" security policy setting, and by default it's only set to allow administrators.  Clicking the "Explain" tab says this:

Allow log on through Terminal Services

This security setting determines which users or groups have permission to log on as a Terminal Services client.


On workstation and servers: Administrators, Remote Desktop Users.
On domain controllers: Administrators.
Microsoft Azure 2017

Azure has a changed a lot since it was originally introduce by adding new services and features. Do you know everything you need to about Azure? This course will teach you about the Azure App Service, monitoring and application insights, DevOps, and Team Services.

wfcrrAuthor Commented:
Can you help with a specific area I need to go to? Idiot proof instructions are greatly appreciated.

I have looked in all the area's I know to look.
Randy DownsOWNERCommented:
This seems pretty comprehensive. They are referring to thin client which is essentially what RDP is. If the previous article is correct, you are looking for "Allow log on through Terminal Services" but accessing the security settings should be the same  via gpupdate. Since this is a domain,m you run the procedure on the server.

The simplest way to resolve this issue is to add your thin client users into the Remote Desktop Users Group (or any other group for that matter) then grant that OU the "Allow log on through Remote Desktop Services" ("Terminal Services" in pre 2008 R2 releases) via:
Start > Run > gpedit.msc
Expand: Computer Configuration > Windows Settings > Security Settings > Local Policies > User Rights Management
Select: Allow log on through Remote Desktop Services
Add Remote Desktop Users to the Policy.
To apply the changes: Start > Run > gpupdate /force
Christopher RourkeProject & QA Manager @ Experts ExchangeCommented:
Greetings wfcrr,

Are you attempting to use Remote Desktop Connection found standard on Windows machines or is there a 3rd party software at play? Something like say, LogMeIn? I only ask because the error code you posted, 4320, correlates to a semi-recent support article (July 2017) on LogMeIn's user guide:
wfcrrAuthor Commented:
Yes, I it a LogMeIn issue, now that you mention it. I just resolved it with LogMeIn.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
wfcrrAuthor Commented:
I want to be able to find this again, in the future and I frequently don't look at my own answers. Gave all the points to Christopher, cuz, that's what the issue was.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Remote Access

From novice to tech pro — start learning today.