Re: Log on Interactively
- From: Brett Gibson <BrettGibson@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Wed, 18 May 2005 15:43:39 -0700
The server is a Windows 2003 Enterprise Edition Server
It is a member server.
It appears that the permissions on the rdp-tcp connection was the problem.
I added the Remote Desktop Users group to the permissions tab with the User
Access rights. I then added the Terminal Services User group that I had
created as member of this Remote Desktop Users group. The login appears to
be working now.
I do have another question though...what is the purpose of the check box
called "Allow logon to terminal server on the Terminal Services Profile tab
of the user's properties if you have to assign them to the group anyway?
Thanks,
Brett Gibson
Gibson Teldata, Inc.
"Vera Noest [MVP]" wrote:
> Is the TS running W2K or 2003?
> Is the TS also a Domain Controller, or a member server?
> What are the permissions on the rdp-tcp connection?
>
> --
> Vera Noest
> MCSE, CCEA, Microsoft MVP - Terminal Server
> http://hem.fyristorg.com/vera/IT
> --- please respond in newsgroup, NOT by private email ---
>
> =?Utf-8?B?QnJldHQgR2lic29u?=
> <BrettGibson@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote on 18 maj 2005 in
> microsoft.public.windows.terminal_services:
>
> > I am having problems with getting a user to be able to login to
> > Terminal Services.
> >
> > The error that I am getting is:
> >
> > -----------
> >
> > Logon Message
> >
> > The local policy of this system does not permit you to logon
> > interactively.
> >
> > ------------
> >
> > I have created a security group called Terminal Services User
> > and added the user as member of the group.
> >
> > I have created a Group Policy and assigned the Terminal Services
> > User to the scope. I also have the Terminal Services machine
> > assigned to an OU called Terminal Servers that are also assigned
> > to the scope. There are no other Group Policies overriding
> > these.
> >
> > Here is what I have assigned to the Group Policy so far:
> >
> > Windows Settings
> > Security Settings
> > Local Policies/User Rights Assignment
> > Policy Setting
> > Allow log on locally BGIBSONCOM\Terminal Services User,
> > BUILTIN\Administrators
> >
> > Local Policies/Security Options
> > Devices
> > Policy Setting
> > Devices: Restrict CD-ROM access to locally logged-on user only
> > Enabled Devices: Restrict floppy access to locally logged-on
> > user only Enabled
> >
> > Interactive Logon
> > Policy Setting
> > Interactive logon: Do not display last user name Enabled
> >
> > System Services
> > Help and Support (Startup Mode: Disabled)
> > Permissions
> > No permissions specifiedAuditing
> > No auditing specified
> > Administrative Templates
> > Windows Components/Terminal Services
> > Policy Setting
> > Restrict Terminal Services users to a single remote session
> > Enabled
> >
> > Windows Components/Windows Installer
> > Policy Setting
> > Disable Windows Installer Enabled
> > Disable Windows Installer Always
> >
> >
> > User Configuration (Enabled)
> > No settings defined.
> >
> > Brett Gibson
> > Gibson Teldata, Inc.
>
.
- References:
- Log on Interactively
- From: Brett Gibson
- Re: Log on Interactively
- From: Vera Noest [MVP]
- Log on Interactively
- Prev by Date: Re: Ports used by Remotedesktop
- Next by Date: change listening port
- Previous by thread: Re: Log on Interactively
- Next by thread: Users cannot Place items on Desktop
- Index(es):
Relevant Pages
|
