• Announcements

    • xper

      MSFN Sponsorship and AdBlockers!   07/10/2016

      Dear members, MSFN is made available via subscriptions, donations and advertising revenue. The use of ad-blocking software hurts the site. Please disable ad-blocking software or set an exception for MSFN. Alternatively, become a site sponsor and ads will be disabled automatically and by subscribing you get other sponsor benefits.
Sign in to follow this  
Followers 0
careless_hxuk

Remote Desktop users in Server 2008 R2 domain

3 posts in this topic

I have a client who is having difficulty setting up a Remote Desktop server in their domain. They have added a number of users to the Remote Desktop Users in Active Directory, but their Remote Desktop server is not respecting this, and is instead only allowing users from the local group to have access. It is possible to add users to this group (either manually using Local Users and Groups, or by selecting users in the Remote Access configuration screen), but this is a workaround rather than a fix.

I've tried adding the group DOMAIN\Remote Desktop Users to the SERVER\Remote Desktop Users but this doesn't work as that group simply doesn't appear in the list. I can't see ay relevant group policy settings, and as far as I remember there shouldn't be any need to modify Group Policy anyway. I get the feeling that this is a really simple thing, but I can't figure it out at all.

0

Share this post


Link to post
Share on other sites

The Domain Remote desktop users group isn't made for this purpose (it is a domain local group and so only give rights on domain controllers).

The proper way to do things is to create a universal group or global group (depending on your AD level) and add users to this group then add this group to the local group of each remote desktop server (or use a gpo to do this if you have a lot of servers).

0

Share this post


Link to post
Share on other sites

The Domain Remote desktop users group isn't made for this purpose (it is a domain local group and so only give rights on domain controllers).

The proper way to do things is to create a universal group or global group (depending on your AD level) and add users to this group then add this group to the local group of each remote desktop server (or use a gpo to do this if you have a lot of servers).

Cheers. I had half suspected that this might be the case - now I can go ahead and do this without fear that I might be neglecting a more elegant or proper solution.

0

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0

  • Recently Browsing   0 members

    No registered users viewing this page.