Go Back   TechArena Community > Technical Support > Computer Help > Windows Server > Active Directory
Become a Member!
Forgot your username/password?
Register Tags Active Topics RSS Search Mark Forums Read

Sponsored Links



I can't grant terminal access to users in GPO

Active Directory


Reply
 
Thread Tools Search this Thread
  #1  
Old 04-04-2007
Member
 
Join Date: Feb 2006
Posts: 185
I can't grant terminal access to users in GPO

I am using 4 servers in OU "TermServ", and I would like to grant terminal access to these servers to some users by GPO. I am trying to create a new GPO "terminal_access" in OU "TermServ" and give a next access right. After that I execute gpupdate /force. But if I am trying to connect by RDS to one of these servers it give me an error that I must have Terminal Server User Access permissions. In gpresult -v on these servers I see that my GPO was applied successfully:


GPO: terminal_access
Policy: RemoteInteractiveLogonRight
Computer Setting: Administrators
Domain\Domain Admins
Domain\TestTermUser

But when I add user for Test locally to group Remote Desktop Users, its fine, but I want to add this user through GPO. So, can anyone tell me how to do that? Thanks.

Reply With Quote
  #2  
Old 04-04-2007
Member
 
Join Date: Oct 2005
Posts: 449
Re: I can't grant terminal access to users in GPO

The user right RemoteInteractiveLogonRight is the only one part of being able to log into a TS server that has remote login enabled. The other part is the permissions in the TS config, which you can connect to in the properties of the RDP in the TS confid mmc. It was the later versions of the OS which is pre-populated with the group Remote Desktop Users, hence adding you domain user to that group allowed login. You can define a domain group to hold the domain accounts that should be allowed TS login and then add this domain group to the Remote Desktop Users by a restricted group definition in GPO.
Reply With Quote
  #3  
Old 04-04-2007
Member
 
Join Date: Jan 2006
Posts: 192
Re: I can't grant terminal access to users in GPO

I dont know but it should have been working. Did you try to perform a gpresult or rsop.msc to examine how the GPOs applies to the system? Otherwise I would have recommend examine how the GPOs applies to the system? Otherwise I would recommend to use Restricted Groups within a Group Policy to add another Group within AD to the local Remote Users group, have you though about that option?
Reply With Quote
  #4  
Old 05-04-2007
Member
 
Join Date: Jan 2006
Posts: 6,912
As per my knowledge, the users or groups need to be added to the Remote Desktop Users on the local server. What I have done is grant access for a group on the local TS server in the Remote Desktop users group and then whatever users you need to add, just add them to the group and then everything would be working fine.
Reply With Quote
Reply

  TechArena Community > Technical Support > Computer Help > Windows Server > Active Directory
Tags: ,



Thread Tools Search this Thread
Search this Thread:

Advanced Search


Similar Threads for: "I can't grant terminal access to users in GPO"
Thread Thread Starter Forum Replies Last Post
Terminal Server users are reportedly getting new profile Harin$Akshi Networking & Security 4 19-05-2011 12:19 PM
How do I grant access to web servers secure database? Liliana Technology & Internet 5 13-02-2010 04:14 AM
How to Register Dll for all users in terminal server Ron1 Networking & Security 3 22-07-2009 09:30 AM
Terminal services 2008 - MAC users Marcus Windows Server Help 2 24-11-2008 05:31 PM
Way to Grant Access to Local System Account to NETLOGON Share? Packham Active Directory 2 15-02-2008 09:31 PM


All times are GMT +5.5. The time now is 06:19 PM.