Re: Allowing a Domain User Remote Desktop Access

Tech-Archive recommends: Speed Up your PC by fixing your registry

OK. What I would do next is to run the netdiag support tool on the domain
controller and that computer. Such problems are often dns related. The link
below shows how dns must be configured in an Active Directory domain. A
common problem is that domain computers have an ISP dns server in there
preferred dns server list as shown by ipconfig /all. -- Steve

http://support.microsoft.com/default.aspx?scid=kb%3Ben-us%3B291382

"Scott O'Sullivan" <drear80@xxxxxxxxxxx> wrote in message
news:uQ2FaLJRFHA.3336@xxxxxxxxxxxxxxxxxxxxxxx
> Thanks for the reply, I tried running the command line you recommended and
> received this error,
>
> "System error 1789 has occurred.
>
> The trust relationship between this workstation and the primary domain
> failed."
>
> That's given me some more info to work around, thx. Anymore details anyone
> could provide would also be appreciated.
>
> Scott.
>
>
> "Steven L Umbach" <n9rou@xxxxxxxxxxxxxxxxxx> wrote in message
> news:uyDeB3IRFHA.1416@xxxxxxxxxxxxxxxxxxxxxxx
>> Verify that the domain computer in question has proper connectivity to a
>> domain controller and that there is not a problem with the domain
>> computer account. The support tool netdiag would be the easiest way to do
>> such. You could also try command line as in [ net localgroup "remote
>> desktop users" "domainname\account" /add ]. --- Steve
>>
>>
>> "Scott O'Sullivan" <drear80@xxxxxxxxxxx> wrote in message
>> news:%23NljKcYQFHA.3448@xxxxxxxxxxxxxxxxxxxxxxx
>>> I've tried this with no success. Anyone want to shed some light here.
>>> How can I add a domain user account to a machine's local Remote Desktop
>>> Users group. If I try and add users to the local group, I can only
>>> choose from local users. Hitting 'Locations' doesn't give me any other
>>> options.
>>>
>>> Scott.
>>>
>>> "Roger Abell" <mvpNOSpam@xxxxxxx> wrote in message
>>> news:uXuCwdAPFHA.2384@xxxxxxxxxxxxxxxxxxxxxxx
>>>> The domain group named Remote Desktop Users controls
>>>> RDP login to the domain controllers only.
>>>> You need to
>>>> 1. make sure Domain Users or the account is a member of
>>>> the workstation's Users group
>>>> 2. the account is a member of the machine's Remote Desktop
>>>> Users group
>>>>
>>>> --
>>>> Roger
>>>> "Scott O'Sullivan" <drear80@xxxxxxxxxxx> wrote in message
>>>> news:uHo0Pd%23OFHA.3704@xxxxxxxxxxxxxxxxxxxxxxx
>>>>> Hi,
>>>>>
>>>>> I'm trying to grant access to a domain user allowing them to logon to
>>>>> another workstation in the domain with remote desktop. When I try and
>>>>> connect remotely using their account, I get the error message, 'The
>>>>> local
>>>>> policy of this system does not allow you to logon interactively'.
>>>>>
>>>>> The default local policy on the workstation has the setting:
>>>>> Computer Configuration>Windows Settings>Security Settings>Local
>>>>> Policies>User Rights Assignment>Allow logon through terminal services:
>>>>> Administrators, Remote Desktop Users.
>>>>>
>>>>> The domain user account I'm trying to logon with, is a member of the
>>>>> following groups: Domain Users, Remote Desktop Users.
>>>>>
>>>>> Because the local policy is referring to the local group, Remote
>>>>> Desktop
>>>>> Users, it doesn't seem to recognise the domain user as a member, even
>>>> though
>>>>> it's a member of the Remote Desktop Users group in Active Directory.
>>>>>
>>>>> Logging on remotely with a domain admins account works fine, as all
>>>>> administrators/domain administrators have access by default.
>>>>>
>>>>> How can I grant access to this domain user account allowing them to
>>>> remotely
>>>>> connect to this workstation? Any help given would be greatly
>>>>> apprecitated.
>>>>>
>>>>> Thx,
>>>>> Scott O'S.
>>>>>
>>>>>
>>>>
>>>>
>>>
>>>
>>
>>
>
>


.

Relevant Pages

  • Re: Cant find domain at logon with New DC up and original down
    ... Point the second domain controller to this original DC for primary DNS ... This event log message will appear once per connection, ... To test I promoted an additional server and the same issue ...
    (microsoft.public.windows.server.active_directory)
  • Re: "The remote procedure call was cancelled" - child domain replication error
    ... > "Active Directory Installation Wizard ... > from the remote domain controller ROOT-PDC-01.COMPANY.COM. ... > installed DNS for me. ...
    (microsoft.public.windows.server.active_directory)
  • Re: Windows 2000 users accounts get locked out
    ... Yes i did a netdiag and seems ok but dcdiag generated some ... valid only on Windows 2000 DNS servers. ... Account Name: "valid user id" Target Account ID: % ... >in Domain Controller Security Policy. ...
    (microsoft.public.win2000.security)
  • RE: Active directory and DNS problems... help!
    ... > I'm having some problems with active directory and DNS - seems the DNS ... There is also a w2k3 domain controller in the ... > The DNS server was unable to open Active Directory. ...
    (microsoft.public.windows.server.active_directory)
  • Re: NEWBIE Question
    ... Double check both Share AND Security Tab. ... XPs and DC ONLY pointing to itself for DNS in their IP properties? ... I assume there are no AD errors in the Event logs? ... domain controller and one from a sample workstation please. ...
    (microsoft.public.windows.server.networking)