Re: Remote Desktop Logon to Server
From: Richard G. Harper (rgharper_at_email.com)
Date: 09/23/04
- Next message: Lanwench [MVP - Exchange]: "Re: Allocate IP /Subnet Address based on OU"
- Previous message: Richard G. Harper: "Re: Cannot Log On Interactively"
- In reply to: Chaplain Doug: "Re: Remote Desktop Logon to Server"
- Messages sorted by: [ date ] [ thread ]
Date: Thu, 23 Sep 2004 18:46:41 -0400
Go into AD Domain Policies, pick the DC policy and edit it, then change the
User Rights assignments under Local Policies. Add the users you want to be
able to log onto the DCs. Done.
This is a bad, BAD idea; by the way.
-- Richard G. Harper [MVP Win9x] rgharper@email.com * PLEASE post all messages and replies in the newsgroups * for the benefit of all. Private mail is usually not replied to. * My website, such as it is ... http://rgharper.mvps.org/ * HELP us help YOU ... http://www.dts-l.org/goodpost.htm "Chaplain Doug" <anonymous@discussions.microsoft.com> wrote in message news:175e01c4a174$8f795bb0$a401280a@phx.gbl... > Don't know why I chose the word "administrative." Indeed > an apparent contradiction. What I want to do is allow a > person to logon to the server in a restricted mode. I DO > NOT want them to have administrative capabilities. > > At present the only way I have been able to make their > remote logon work is to make them a member of the > Administrators group. This is not what I wanted to do. I > want their logon to the server to be a restricted logon > (not super user or administrator). How do I accomplish > this? > > I tried placing their user name in the local security > settings-local policies-user rights assignment-log on > locally, but they were still unable to log on after the > change (this was before I put them into the Administrator > group). What else could I try? > > > > >>-----Original Message----- >>First, it sounds like you have login restrictions on your > server, either >>from Active Directory or from the local Machine > Policies. You need to >>change whichever is in force to allow other than > Administrator users to log >>in. >> >>Your second request is a contradiction in terms. To > allow someone >>"administrative" access to a server allows them full > access. >> >>-- >>Richard G. Harper [MVP Win9x] rgharper@email.com >>* PLEASE post all messages and replies in the newsgroups >>* for the benefit of all. Private mail is usually not > replied to. >>* My website, such as it is ... http://rgharper.mvps.org/ >>* HELP us help YOU ... http://www.dts-l.org/goodpost.htm >> >> >>"Chaplain Doug" <anonymous@discussions.microsoft.com> > wrote in message >>news:0f0a01c4a0db$cf5c2120$a401280a@phx.gbl... >>> Windows 2000 Server. I want to allow a remote user to >>> logon to my server (via remote desktop) for some limited >>> work. At present, when they try to logon the server >>> says, "The local policy of this system does not permit > you >>> to logon interactively." >>> >>> First, what must I change to allow this user to logon to >>> my server remotely via remote desktop? >>> >>> Second, how can I restrict the user's activities so that >>> they are only able to do administrative things on the >>> server? >>> >>> Thanks. >> >> >>. >>
- Next message: Lanwench [MVP - Exchange]: "Re: Allocate IP /Subnet Address based on OU"
- Previous message: Richard G. Harper: "Re: Cannot Log On Interactively"
- In reply to: Chaplain Doug: "Re: Remote Desktop Logon to Server"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
