Re: TS Login Problem to challenge the brightest TS Guru's

Lance - do new users get an error message while trying to logon? What is it?

--
Maxim Oustiougov,
Terminal Services Program Manager

This posting is provided "AS IS" with no warranties, and confers no rights.

"Lance" <Lance@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:AC7A0B71-ACCB-497C-BDFC-E13E4C974FE8@xxxxxxxxxxxxxxxx
I am running 3 x Windows ENT 2003 Servers, 2 of which are running TS (one
is
a test server the other a production server).

Everything has been working beautifully until the group policy on the PDC
became corrupted, don't ask me how I have no idea it just did.

When I went to try and edit it would give me some strange message about it
not existing and all this hieroglyphics would appear in the error message.
Weird, and no it was not a virus.

Anyway I managed to restore the group policy on the PDC however ever since
then any new users I attempt to add to AD will not log on to the TS.

All the users which existed prior to the group policy being replaced work
fine, but any new ones just wont log on. Their permissions etc are all
identical to the ones which can log on.

I have checked the Security Audit Logs and the failed to log on users get
event ID 672 (authentication ticket request) and 673 (service ticket
request)
both with no result code or failure code. Then that is it, nothing else is
logged!

The successful users get the same, however they also get event ID 540
(successful network logon).

Like I said everyone is a member of the remote user group, every user has
exactly the same permissions, it is just that every new user created can
not
log on.

I have checked licensing and there are plenty left.

Any help would be greatly appreciated; even a way of resetting the AD &
Group Policy to system default without losing user data would be great. I
would rather not have to start building the PDC from scratch.

Thanks heaps for reading.

Hope someone can help.


.

Relevant Pages

  • Re: Not authorized to logon to Domain from this PC - error message
    ... Group policy? ... This would give a slightly different error message though so it may not be the answer. ... In the process Domain Users get "Not authorized to logon to Domain from ...
    (microsoft.public.security)
  • Re: Logon Interactively Issue
    ... If the client is in a domain you will need to determine what group policy ... > have had several XP Pro systems 'suddenly' not able to logon to our ... > The error message is: ...
    (microsoft.public.windowsxp.security_admin)
  • Re: Mapped F Drive - group policy update problem
    ... where is the fast optimization group policy that you ... Always wait for the network at computer startup and logon ... Determines whether Windows XP waits for the network during computer startup ...
    (microsoft.public.windows.server.active_directory)
  • RE: Restrict logon hours
    ... Change Logon Times for a User Account ... Edit the user account properties by using the net user command. ... Enforce Logon Time Restrictions Using Group Policy ...
    (microsoft.public.win2000.group_policy)
  • RE: Cant log on locally to XP after RDP session
    ... I found the following article about this error message. ... 265382: Error Message: Your Interactive Logon Privilege Has Been Disabled. ... have a check in the box for "Allow logon to Terminal Server." ... Microsoft Online Support ...
    (microsoft.public.windowsxp.work_remotely)
Loading