Sign in with
Sign up | Sign in
Your question

Win2003 GPO for Logon to Terminal Services

Last response: in Windows 2000/NT
Share
Anonymous
January 26, 2005 10:53:05 AM

Archived from groups: microsoft.public.win2000.group_policy (More info?)

If I create a GPO and apply it to a server container that enables certain
users for logging on to terminal services shouldn't that enable them to RDP
into the servers or is that a different setting somewhere?
Anonymous
January 27, 2005 1:18:57 AM

Archived from groups: microsoft.public.win2000.group_policy (More info?)

To logon to Terminal Services, a user also needs the logon locally right.

I suggest that rather than using a GPO to control who can connect via RDP,
add a domain group to the local Remote Desktop Users group on the Terminal
Server, then populating the domain group with the user accounts that you
want to be able to use the Terminal Server. The local Remote Desktop Users
group, by default, gets the rights needed to logon via Terminal Services.

RDP is a Terminal Services client delivered with Windows XP and 2003.

--
Bruce Sanderson MVP Printing
http://members.shaw.ca/bsanders

It is perfectly useless to know the right answer to the wrong question.



"Quiggley" <Quiggley@discussions.microsoft.com> wrote in message
news:E8FD70C3-4192-47F2-A81A-36D5AD9CE6F1@microsoft.com...
> If I create a GPO and apply it to a server container that enables certain
> users for logging on to terminal services shouldn't that enable them to
> RDP
> into the servers or is that a different setting somewhere?
Anonymous
January 31, 2005 9:43:04 AM

Archived from groups: microsoft.public.win2000.group_policy (More info?)

Yeah. That would be simple. How can I keep from having to go in and turn on
RDP on a 2003 box though. Seems nothing works until I do that.

"Bruce Sanderson" wrote:

> To logon to Terminal Services, a user also needs the logon locally right.
>
> I suggest that rather than using a GPO to control who can connect via RDP,
> add a domain group to the local Remote Desktop Users group on the Terminal
> Server, then populating the domain group with the user accounts that you
> want to be able to use the Terminal Server. The local Remote Desktop Users
> group, by default, gets the rights needed to logon via Terminal Services.
>
> RDP is a Terminal Services client delivered with Windows XP and 2003.
>
> --
> Bruce Sanderson MVP Printing
> http://members.shaw.ca/bsanders
>
> It is perfectly useless to know the right answer to the wrong question.
>
>
>
> "Quiggley" <Quiggley@discussions.microsoft.com> wrote in message
> news:E8FD70C3-4192-47F2-A81A-36D5AD9CE6F1@microsoft.com...
> > If I create a GPO and apply it to a server container that enables certain
> > users for logging on to terminal services shouldn't that enable them to
> > RDP
> > into the servers or is that a different setting somewhere?
>
>
>
Anonymous
February 5, 2005 2:37:28 PM

Archived from groups: microsoft.public.win2000.group_policy (More info?)

Apply the setting:

Computer Configuration
Administrative Templates
Windows Components
Terminal Services
Allow Users to connect remotely using Terminal Services:
Enabled

This will turn on the check mark in System Properties, Remote, Remote
Desktop, Enable Remote Desktop users ... and make it grey so no one can turn
it off.

--
Bruce Sanderson MVP Printing
http://members.shaw.ca/bsanders

It is perfectly useless to know the right answer to the wrong question.



"Quiggley" <Quiggley@discussions.microsoft.com> wrote in message
news:D 783787D-0AD1-4C28-AA39-7B56A5740177@microsoft.com...
> Yeah. That would be simple. How can I keep from having to go in and turn
> on
> RDP on a 2003 box though. Seems nothing works until I do that.
>
> "Bruce Sanderson" wrote:
>
>> To logon to Terminal Services, a user also needs the logon locally right.
>>
>> I suggest that rather than using a GPO to control who can connect via
>> RDP,
>> add a domain group to the local Remote Desktop Users group on the
>> Terminal
>> Server, then populating the domain group with the user accounts that you
>> want to be able to use the Terminal Server. The local Remote Desktop
>> Users
>> group, by default, gets the rights needed to logon via Terminal Services.
>>
>> RDP is a Terminal Services client delivered with Windows XP and 2003.
>>
>> --
>> Bruce Sanderson MVP Printing
>> http://members.shaw.ca/bsanders
>>
>> It is perfectly useless to know the right answer to the wrong question.
>>
>>
>>
>> "Quiggley" <Quiggley@discussions.microsoft.com> wrote in message
>> news:E8FD70C3-4192-47F2-A81A-36D5AD9CE6F1@microsoft.com...
>> > If I create a GPO and apply it to a server container that enables
>> > certain
>> > users for logging on to terminal services shouldn't that enable them to
>> > RDP
>> > into the servers or is that a different setting somewhere?
>>
>>
>>
!