Re: Users can't use terminal services !!!
- From: "Vera Noest [MVP]" <vera.noest@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Tue, 27 Jun 2006 12:49:38 -0700
I'm sorry, but I have run out of ideas. Have no experience with TS on
a DC either. If no one else jumps in, your best option is to call
Microsoft Support.
_________________________________________________________
Vera Noest
MCSE, CCEA, Microsoft MVP - Terminal Server
TS troubleshooting: http://ts.veranoest.net
___ please respond in newsgroup, NOT by private email ___
=?Utf-8?B?UGF1bG8gU291c2E=?=
<PauloSousa@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote on 27 jun 2006 in
microsoft.public.windows.terminal_services:
Hello again..
I've checked rdp-tcp connection permissions, the remote
desktop users was
already added.
I'm editing the policy in the DC and found the policie "Deny
logon
through TS", witch was "not defined" and changed to defined and
empty.
And still getting the same message at logon through TS, the
user has no
permission to logon in TS, even for the Administrator !
Thanks for your help.
Paulo Sousa
"Vera Noest [MVP]" wrote:
Try adding the user group directly to the rdp-tcp connection
permissions.
About not seeing the "Logon through TS" user right: it's in the
same place as the "Allow log on locally" setting. Note that at
some time, the wording changed from "Allow logon through TS" to
"Deny logon through TS".
Are you editing the policies from your DC? Have you checked if
you have the latest .adm template files?
_________________________________________________________
Vera Noest
MCSE, CCEA, Microsoft MVP - Terminal Server
TS troubleshooting: http://ts.veranoest.net
___ please respond in newsgroup, NOT by private email ___
=?Utf-8?B?UGF1bG8gU291c2E=?=
<PauloSousa@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote on 27 jun 2006 in
microsoft.public.windows.terminal_services:
Yes, I want to use the DC as a TS also. It's a small local
network with 3
workstations.
I gave the users rights to "Log on locally", and they can
log on at the
DC console. But with Terminal services they keep receiving
the message that don't have right to log on through terminal,
to add them to "remote desktop users" witch they already
belong to.
And I still can't find the policie "Log on through
terminal services",
is there something that I missed that fail to activate this
policie?
thanks
Paulo Sousa
"Vera Noest [MVP]" wrote:
OK, the problem is that the TS is running on a DC. This is
*not* recommended, for both security and performance
reasons. You are allowing your users to use your DC as their
personal workstation, with very few possibilities to lock
the server down.
If you want to continue with this setup, you will also have
to give the users the user right to "Logon locally" in your
Default Domain Controller Security Policy.
_________________________________________________________
Vera Noest
MCSE, CCEA, Microsoft MVP - Terminal Server
TS troubleshooting: http://ts.veranoest.net
___ please respond in newsgroup, NOT by private email ___
=?Utf-8?B?UGF1bG8gU291c2E=?=
<PauloSousa@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote on 26 jun 2006
in microsoft.public.windows.terminal_services:
Thanks for your reply!
Yes, this TS is a domain controller.
The right is set in users account properties.
And I can't find in any of the policies the "Log on
through Terminal
Services" right.
thanks again.
Paulo Sousa
"Vera Noest [MVP]" wrote:
This user right can be found in the user account
properties in AD, on the "Terminal Services profile" tab.
It can also be set in your Default Domain Policy, under
Windows Settings - Security Settings - Local Policies -
User rights Assignments
"Log on through Terminal Services"
Did you add your users to the *local* Remote Desktop
Users group on the Terminal Server (as opposed to the
domain wide Remote Users group)?
This TS is not a Domain Controller, is it?
_________________________________________________________
Vera Noest
MCSE, CCEA, Microsoft MVP - Terminal Server
TS troubleshooting: http://ts.veranoest.net
___ please respond in newsgroup, NOT by private email ___
=?Utf-8?B?UGF1bG8gU291c2E=?= <Paulo
Sousa@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote on 26 jun 2006 in
microsoft.public.windows.terminal_services:
Hello, I've installed Terminal Services on a Windows
2003 R2, and
purchased CAL licenses for the Terminal services server
and activated them.
But now I'm stuck on the message "The user doesn't
have permission to
logon to terminal services", something like this, and
"Add user to group Remote desktop users".
I've added the users to the "Remote desktop users"
group, but still
nothing, not even the Administrator can logon to
terminal services.
I think it's a problem with policies, because I
can't find the policie
for the right to logon remotly to the server.
Thanks for any help
Paulo Sousa
- References:
- Re: Users can't use terminal services !!!
- From: Vera Noest [MVP]
- Re: Users can't use terminal services !!!
- From: Paulo Sousa
- Re: Users can't use terminal services !!!
- From: Vera Noest [MVP]
- Re: Users can't use terminal services !!!
- From: Paulo Sousa
- Re: Users can't use terminal services !!!
- From: Vera Noest [MVP]
- Re: Users can't use terminal services !!!
- From: Paulo Sousa
- Re: Users can't use terminal services !!!
- Prev by Date: Terminal server copy/paste issue...
- Next by Date: Re: Removing existing Win 2000 Terminal licenscing from 2003 Server
- Previous by thread: Re: Users can't use terminal services !!!
- Next by thread: Can't find licensing server
- Index(es):
Relevant Pages
|
