Welcome to MSFN

Register now to gain access to all of our features. Once registered and logged in, you will be able to contribute to this site by submitting your own content or replying to existing content. You'll be able to customize your profile, receive reputation points as a reward for submitting content, while also communicating with other members via your own private inbox, plus much more! This message will be removed once you have signed in.


Sign in to follow this  
Followers 0
careless_hxuk

Remote Desktop users in Server 2008 R2 domain

3 posts in this topic

I have a client who is having difficulty setting up a Remote Desktop server in their domain. They have added a number of users to the Remote Desktop Users in Active Directory, but their Remote Desktop server is not respecting this, and is instead only allowing users from the local group to have access. It is possible to add users to this group (either manually using Local Users and Groups, or by selecting users in the Remote Access configuration screen), but this is a workaround rather than a fix.

I've tried adding the group DOMAIN\Remote Desktop Users to the SERVER\Remote Desktop Users but this doesn't work as that group simply doesn't appear in the list. I can't see ay relevant group policy settings, and as far as I remember there shouldn't be any need to modify Group Policy anyway. I get the feeling that this is a really simple thing, but I can't figure it out at all.

0

Share this post


Link to post
Share on other sites

The Domain Remote desktop users group isn't made for this purpose (it is a domain local group and so only give rights on domain controllers).

The proper way to do things is to create a universal group or global group (depending on your AD level) and add users to this group then add this group to the local group of each remote desktop server (or use a gpo to do this if you have a lot of servers).

0

Share this post


Link to post
Share on other sites

The Domain Remote desktop users group isn't made for this purpose (it is a domain local group and so only give rights on domain controllers).

The proper way to do things is to create a universal group or global group (depending on your AD level) and add users to this group then add this group to the local group of each remote desktop server (or use a gpo to do this if you have a lot of servers).

Cheers. I had half suspected that this might be the case - now I can go ahead and do this without fear that I might be neglecting a more elegant or proper solution.

0

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0

  • Recently Browsing   0 members

    No registered users viewing this page.