Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations wOOdy-Soft on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Remote Desktop Users group problem

Status
Not open for further replies.
pkirill

pkirill

Technical User
Jun 15, 2002
134
US
I'm a bad egg and have cross posted this with the Remote Access forum - so apologies in advance...

I have a Windows 2003 server that is a dedicated Terminal Services/Remote Desktop machine. It is a member of our domain (also Win2K3), but not a controller (or PDC). The problem I have is that our remote desktop server does not recognize the Remote Desktop Users group from the PDC or domain level. When I open the TS Configuration, right click on the connection, select Properties and then the Permissions tab, I cannot add the domain level RD Users group. All I can add is the local Remote Desktop Users Group. Which means that whenever I need to give someone Remote Desktop access, I have to do it on the Remote Desktop server. I cannot just add them to the RD users group from their account settings.

Anyone have any ideas what I may have done wrong?

Thanks in advance!
 
Sort by date Sort by votes
Are u a domain administrator on your domain? You should not have a problem adding users to the Remote Desktop Users built-in domain group if this is the case. Also bare in mind that this is a dangerous practice since this will enable users to be able to logon onto all servers running Terminal services (unless blocked by policy of course)
 
Upvote 0 Downvote
Once you add your own user as Remote Desktop User on that machine, it should be no harder to add more users to the local Remote Desktop Users than the domain built-in group.

You could also use group policy to edit the "Allow log on through Terminal Services" user rights assignment on specific computers, like the 2003 server you mentioned.
*Just a thought

Thanks,

Chris
 
Upvote 0 Downvote
Thanks for those responses! I am the administrator (for what it's worth) and I have one machine dedicated as a remote desktop machine. We're a small-ish firm of 45 and I have 5 remote users that need access to this machine to access one application that can't be used over VPN. So truly, adding them to the local (ie SERVER\REMOTE DESKTOP USERS) built-in group is not a huge issue.

I did try adding them through the TS access policy in group policy and while that shows up as policy on the RD machine, it did not allow access.

I guess more than anything I'm curious as to why I can't add them to the RDU group on the PDC and have that picked up on the RD machine. I wonder if that's just the way it works, or if I've configured something wrong...
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

MaioMaio
  • Locked
  • Question
Server Remote Desktop License
Replies
0
Views
523
MaioMaio
MaioMaio
ravalos
  • Locked
  • Question
Problem with PDFs in IIS
Replies
1
Views
1K
gbaughma
gbaughma
rzammit82
  • Locked
  • Question
Windows Server 2016 - DNS/AD problem
Replies
1
Views
910
suncit
suncit
iCDT
  • Locked
  • Question
Remote Desktop Web Access ( No application available)
Replies
2
Views
314
hairlessupportmonkey
hairlessupportmonkey
StevenFromSouth
  • Locked
  • Question
VPN Connects but cannot access remote network computers or folders
Replies
1
Views
329
StevenFromSouth
StevenFromSouth

Part and Inventory Search

Sponsor

Back
Top