Can't log on locally to XP after RDP session
- From: Glen Martin <Silmarillion@xxxxxxxxxxxxx>
- Date: Mon, 4 Jun 2007 07:49:01 -0700
Sorry about the new thread - see background info below.
I still don't see a fix for this issue. Another bit of information - I am
able to log on at the console as a domain admin when the problem appears. If
I then log off, the non-admin user is able to log on without encountering the
error.
The problem we have is that we do not want to enable Terminal Services logon
in AD, as we are using it to restrict non-TS users from logging on to our TS.
So that workaround does not work for us.
Another question: Is there any way to apply the TS restrictions in AD to
just the Terminal Server, as opposed to having it affect everyone who uses
RDP to come into an XP host? We use TS and XP RDP hosts for different
purposes, and we would like to restrict who logs onto the TS. Right now,
when we disable a user's TS logon privilege in AD, it also prevents them from
logging onto an XP RDP host.
Glen
Hello,
It seems you are replying another post this newsgroup. If you have any
questions, please feel free to submit your question.
Thanks & Regards,
Ken Zhao
Microsoft Online Support
Microsoft Global Technical Support Center
I have seen the same "BUG". Here's the scenario:
User A is logged into her XP Pro SP2 Dell Desktop. She requests
software to be installed and I use RDC to logon to her computer
remotely using the administrator account to complete the request. I
log off and then she tries to logon locally JUST AS SHE WAS PRIOR TO MY
REMOTE LOGIN, and she gets the "Your logon privilege has been disabled"
error message. This error message is for TERMINAL SERVICES LOGONS but
NOT FOR LOCAL LOGONS. So...why are we getting this message?
THe work-around above "allow logon to terminal server" in the AD Users
and Computers app masks the bug. It appears that once a remote login
takes place using RDC that the subsequent LOCAL logins use the REMOTE
DESKTOP CONNECTION login. You can reboot the computer and it will then
allow a local login without changing the "allow logon to terminal
server" setting in AD Users and Computers. Has anyone found a "fix" for
this?
David
Check the properties of the AD acct that cannot logon locally to the
machine. On the Terminal Services Profile tab, enable the "Allow logon
to terminal server" option. It appears that the computer gets "stuck"
in terminal services mode after a Remote Desktop user logs off. When a
domain user w/o the rights to logon via terminal services subsequently
tries to logon locally, they are denied access.
Two XP Pro machines with all updates. User locally logged onto machine A
using his AD logon. He logs off. From machine B I use Remote Desktops to
log on to machine A as the domain administrator. I log off, which causes a
disconnect. The user trys to locally log onto machine A and gets "Your
interactive logon privilege has been disabled. Please contact your system
administrator.". Local user does a restart and can log on OK. This is
repeatable and happens with multiple instances of Machine A. If, instead of
doing a log off, I do a restart when I am finished with the remote access,
the user can log on locally. But either way, once I have logged on through
Remote Desktops, the machine must be rebooted (restarted) to allow a local
user to log on.
Is this a bug or design? If a bug, what to do to fix it? If design.......?
--
Thanks.... Carl
.
- Follow-Ups:
- Re: Can't log on locally to XP after RDP session
- From: TP
- RE: Can't log on locally to XP after RDP session
- From: "Ken Zhao [MSFT]"
- Re: Can't log on locally to XP after RDP session
- Prev by Date: Rasdial problems
- Next by Date: Password will not save for Win2k RDP sessions
- Previous by thread: Rasdial problems
- Next by thread: RE: Can't log on locally to XP after RDP session
- Index(es):
Relevant Pages
|
Loading
