Re: Connect to my computer at work

Sounds great.
I was planning on doing more with GPO (mainly for security reasons) but
before doing that i should learn more about how policies work.

Thank you very much for this advice
Itan Barmes


"Lanwench [MVP - Exchange]"
<lanwench@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:eZ15$bBPIHA.4880@xxxxxxxxxxxxxxxxxxxxxxx
itan <itan.bar@xxxxxxxxx> wrote:
I am trying to connect to a computer via RWW but when i enter a user
and password (in the remote desktop screen) i get the message: The
local policy of this system does not premit you to log on
interactively. If i add the user as a local administrator then the
problem is
solved, but of course this is not the best solution.

How can i solve this?

Thanks in advance
Itan Barmes

Add the user (or a group) to the local workstation's Remote Desktop users
group. I personally add the entire AD group "Remote Web Workplace Users"
to each computer, as I don't care about who can log in remotely to which
machine. I also like to set up AD groups called LocalAdmin,
LocalPowerUser, so I can easily grant/revoke those rights as needed from
the server when I need to test/troubleshoot something, or install software
as the user account. .

Here's what I do to make life easier - I set up a batch file & assign it
as a startup script. The batch file has this:
........
net localgroup administrators DOMAIN\localadmin /add
net localgroup power users DOMAIN\localpoweruser /add
net localgroup remote desktop users "DOMAIN\Web Workplace Users" /add
........

I set this up in my own GPO linked at the appropriate OU (I would where
your computers live (if you haven't created custom ones, you'll need to -
unless you're using SBS, which creates its own hierarchy).

Edit the GPO - go to Computer Configuration \ Windows Settings \ Scripts
(startup/shutdown)
Double-click Startup, click Add
Copy the batch file you created to the clipboard, then paste it in the
window here
Exit/apply/ok/finish whatever

All the computers in this OU should have the startup script applied when
they restart, and you can now control all this at the server.




.

Relevant Pages

  • Re: Connect to my computer at work
    ... I was planning on doing more with GPO ... Itan Barmes ... Add the user to the local workstation's Remote Desktop ... All the computers in this OU should have the startup script applied ...
    (microsoft.public.windows.server.sbs)
  • Re: User Management
    ... you - and your manager - and install it in one fell swoop. ... ideas - but here's my list of minimal GPO settings. ... for Remote Desktop access, too - in this case, RDaccess (SBS has ... All the computers in this OU should have the startup script applied ...
    (microsoft.public.windows.server.sbs)
  • Re: User Management
    ... and your manager - and install it in one fell swoop. ... ideas - but here's my list of minimal GPO settings. ... for Remote Desktop access, too - in this case, RDaccess (SBS has ... All the computers in this OU should have the startup script applied ...
    (microsoft.public.windows.server.sbs)
  • Re: User Management
    ... you - and your manager - and install it in one fell swoop. ... create one for Remote Desktop access, too - in this case, RDaccess ... Copy the batch file you created to the clipboard, ... All the computers in this OU should have the startup script applied ...
    (microsoft.public.windows.server.sbs)
  • Re: Remote Desktop in Firewall Group Policy
    ... I would check the config at the desktop to ensure they are getting the GPO. ... acquired the correct settings for port/service/scope for the RDP service. ... >> Enabling a hole in the firewall for RDP does not necessarily turn the ... >> is where Remote Assistance is enabled and Remote Desktop is disabled. ...
    (microsoft.public.windows.group_policy)