RE: RWW & user rights
- From: v-crinal@xxxxxxxxxxxxxxxxxxxx ("Crina Li")
- Date: Mon, 24 Apr 2006 05:23:03 GMT
Hi Steve,
Thank you for posting in SBS newsgroup.
From your description, I understand you can not connect to remote desktopthrough clicking Connect to my computer at work from RWW using Power user
account. And you received the error of "The local policy of this system
does not permit you to logon interactively". If I have misunderstood your
concerns, please do not hesitate to let me know.
Based on my experience, there are some root causes of this issue, so please
check the following settings:
I suggest you do the following steps on the affected XP client:
1. Check if the user account is a member of the local Remote Desktop Users
group. For detailed information, please refer to the following KB article:
289289 Remote desktop connection "The local policy of this system does not
http://support.microsoft.com/?id=289289
2. Click Start->Run, type "gpedit.msc" (without the quotes) and click OK.
3. Go to Computer Configuration\Windows Settings\Security Settings\Local
Policies\User Rights Assignment.
4. Double click the "Access this computer from the network" policy and make
sure the following groups are listed:
Administrators
Everyone
Power Users
Users
5. Double click the "Allow logon through Terminal Services" policy and make
sure the following groups are listed:
Administrators
Remote Desktop Users
6. Check the "Deny access to this computer from the network" policy and
make sure the groups mentioned above are NOT listed.
7. Check the "Deny logon locally" policy and make sure the groups mentioned
above are NOT listed.
8. Check the "Deny logon through Terminal Services" policy and make sure
the groups mentioned above are NOT listed.
9. Check the "Log on locally" policy and make sure the following groups
are listed:
Administrators
Guest
Power Users
Users
10. Close the "Gourp Policy" window.
11. Click Start->Run, type "gpupdate /force" (without the quotes) and click
OK.
12. Right click My Computer on the desktop and choose Manage.
13. Go to System Tools\Local Users and Groups\Groups and double click the
Remote Desktop Users group.
14. Add the domain users or groups that want to RDP to the computer and
click OK. Check if everything is OK.
15. Check account setting on SBS:
1) Open Active Directory Users and Computers on SBS Server
2) Find the user account, right click on it and go to Properties.
3) On the Terminal Services Profile tab, place a check in the box labeled
"Allow logon to terminal server".
4) Click OK.
More information:
886206 Users cannot connect to your Small Business Server 2003 computer by
http://support.microsoft.com/?id=886206
Hope the information help and I look forward to your reply.
Best regards,
Crina Li (MSFT)
Microsoft CSS Online Newsgroup Support
Get Secure! - www.microsoft.com/security
=====================================================
This newsgroup only focuses on SBS technical issues. If you have issues
regarding other Microsoft products, you'd better post in the corresponding
newsgroups so that they can be resolved in an efficient and timely manner.
You can locate the newsgroup here:
http://www.microsoft.com/communities/newsgroups/en-us/default.aspx
When opening a new thread via the web interface, we recommend you check the
"Notify me of replies" box to receive e-mail notifications when there are
any updates in your thread. When responding to posts via your newsreader,
please "Reply to Group" so that others may learn and benefit from your
issue.
Microsoft engineers can only focus on one issue per thread. Although we
provide other information for your reference, we recommend you post
different incidents in different threads to keep the thread clean. In doing
so, it will ensure your issues are resolved in a timely manner.
For urgent issues, you may want to contact Microsoft CSS directly. Please
check http://support.microsoft.com for regional support phone numbers.
Any input or comments in this thread are highly appreciated.
=====================================================
This posting is provided "AS IS" with no warranties, and confers no rights.
--------------------
| From: "Steve" <steve@xxxxxxxxxxxx>
| Subject: RWW & user rights
| Date: Fri, 21 Apr 2006 16:52:19 +0100
| Lines: 13
| X-Priority: 3
| X-MSMail-Priority: Normal
| X-Newsreader: Microsoft Outlook Express 6.00.2900.2869
| X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2869
| X-RFC2646: Format=Flowed; Original
| Message-ID: <#BFCVuVZGHA.4580@xxxxxxxxxxxxxxxxxxxx>
| Newsgroups: microsoft.public.windows.server.sbs
| NNTP-Posting-Host: 62-249-224-177.no-dns-yet.enta.net 62.249.224.177
| Path: TK2MSFTNGXA01.phx.gbl!TK2MSFTNGP01.phx.gbl!TK2MSFTNGP03.phx.gbl
| Xref: TK2MSFTNGXA01.phx.gbl microsoft.public.windows.server.sbs:262280
| X-Tomcat-NG: microsoft.public.windows.server.sbs
|
| I've setup 2 power users
| These users need access to RWW and their workstations
|
| When I try to logon to a PC as a Power user - I get a message saying
| "the local policy of the system dosen't allow interacative logon"
|
| Surely I don't need to provide these users with ADMIN rights
|
| !!!HELP!!!
|
| What have I done wrong ??
|
|
|
.
- References:
- RWW & user rights
- From: Steve
- RWW & user rights
- Prev by Date: Re: unable to change the default email address for an account
- Next by Date: RE: group policy
- Previous by thread: RWW & user rights
- Next by thread: Re: backup,backup,backup!!!
- Index(es):
Relevant Pages
|
Loading
