Jump to content

Welcome to MSFN Forum
Register now to gain access to all of our features. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more. This message will be removed once you have signed in.
Login to Account Create an Account



Photo

Remote Desktop users in Server 2008 R2 domain


  • Please log in to reply
2 replies to this topic

#1
careless_hxuk

careless_hxuk

    Newbie

  • Member
  • 32 posts
  • Joined 08-April 05
I have a client who is having difficulty setting up a Remote Desktop server in their domain. They have added a number of users to the Remote Desktop Users in Active Directory, but their Remote Desktop server is not respecting this, and is instead only allowing users from the local group to have access. It is possible to add users to this group (either manually using Local Users and Groups, or by selecting users in the Remote Access configuration screen), but this is a workaround rather than a fix.

I've tried adding the group DOMAIN\Remote Desktop Users to the SERVER\Remote Desktop Users but this doesn't work as that group simply doesn't appear in the list. I can't see ay relevant group policy settings, and as far as I remember there shouldn't be any need to modify Group Policy anyway. I get the feeling that this is a really simple thing, but I can't figure it out at all.


How to remove advertisement from MSFN

#2
allen2

allen2

    Not really Newbie

  • Member
  • PipPipPipPipPipPipPip
  • 1,814 posts
  • Joined 13-January 06
The Domain Remote desktop users group isn't made for this purpose (it is a domain local group and so only give rights on domain controllers).
The proper way to do things is to create a universal group or global group (depending on your AD level) and add users to this group then add this group to the local group of each remote desktop server (or use a gpo to do this if you have a lot of servers).

#3
careless_hxuk

careless_hxuk

    Newbie

  • Member
  • 32 posts
  • Joined 08-April 05

The Domain Remote desktop users group isn't made for this purpose (it is a domain local group and so only give rights on domain controllers).
The proper way to do things is to create a universal group or global group (depending on your AD level) and add users to this group then add this group to the local group of each remote desktop server (or use a gpo to do this if you have a lot of servers).

Cheers. I had half suspected that this might be the case - now I can go ahead and do this without fear that I might be neglecting a more elegant or proper solution.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users