Home > Remote Desktop > Remote Desktop Domain Controller Error

Remote Desktop Domain Controller Error


Does the Iron Man movie ever establish a convincing motive for the main villain? In administrative tools/Domain Controller Security Policy, as well as in administrative tools/Domain Security Policy, I have not changed anything to the "Allow log on through terminal services" policy. And as for my previous statement, please add that you do have to be a user of the domain controller before you will be able to log into that machine. if so, did you run sysprep on the VM before using it?Mohsen Almassud Wednesday, December 26, 2012 1:44 PM Reply | Quote Microsoft is conducting an online survey to understand your http://supercgis.com/remote-desktop/remote-desktop-error-windows-cannot-connect-to-the-domain.html

I have only seen this behavior on these two servers. I would really appreciate any help. You may be running in to one of those snags http://geekswithblogs.net/bjackett/archive/2010/06 /06/how-to-configure-remote-desktop-to-hyper-v-guest-virtual-machines.aspx Top Best Answer 0 Mark this reply as the best answer?(Choose carefully, this can't be changed) Yes | No I don't even see an option to log into a 2003 DC via local computer vs. http://www.techexams.net/forums/server-70-290/26241-domain-admin-cannot-remote-desktop-domain-controller.html

To Sign In Remotely You Need The Right To Sign In Through Remote Desktop Services. By Default

Figure 1: Selecting a user to disconnect Also, remember that to allow remote connections for administrative purposes only, you don't have to install Remote Desktop Session Host (aka Terminal Server). sabre307 replied Sep 22, 2012 I assume that in his orginal post, he was referring to the firewall on the DC, which is a VM. windows-server-2008 group-policy terminal share|improve this question edited Mar 26 '13 at 3:12 asked Mar 26 '13 at 3:05 Jake 55711241 add a comment| 3 Answers 3 active oldest votes up vote

somebody added domain administrators instead of domain admins in log on locally security policies and that caused the problem. That's the likely reason no one has offered any input. The pattern I noticed was that domain controllers have only administrators while member servers have administrators and remote desktop users. Domain-admin-cannot-remote-desktop- W2K REMOTE DESKTOP - Cant connect to Terminal Server via Internet - how do I open port 3389 How to Change IP Address Automatically When Two Different Users Log Onto Same

I had some issues getting RDP to work when we first set up our Hyper-V hosts, but that was about 2 years ago and I don't completely remember what I did Domain Admin Cannot Log Into Domain Controller Am I misreading you? In Windows 2008, you can do this by going to: 1.) Administrative Tools, Remote Desktop Services and then clicking on "Remote Desktop Session Host Configuration" 2.) Inside RDSH Configuration, right mouse this You can grant additional groups the right to login at the "Allow logon through Terminal Services".

That's just basic. Rdp This Computer Can't Connect To The Remote Computer Once you identified the duplicates, please remove the wrong ones. Of course, check the membership of those groups. If they are DCs, you may also want to check the default domain controller GPO for the same settings under Computer Configuration/Policies/Windows Settings/Security Settings/Local Policies/User Rights Assignment.

Domain Admin Cannot Log Into Domain Controller

This is what I thought I had understood, and something else seems to confirm it as well: In the system properties of the domain controller, remote tab, "select remote users", at http://serverfault.com/questions/491314/adminstrator-cannot-log-on-to-server-via-remote-desktop-after-changing-default-d I have attached a printout from gpresult. To Sign In Remotely You Need The Right To Sign In Through Remote Desktop Services. By Default I think the important ones for you are going to be Administrators (who should have Full Control, User Access and Guest Access) and Remote Desktop Users (who should have User Access Can T Remote Desktop To Domain Controller William Acree replied Sep 21, 2012 Please answer the following.

What I want to achieve is - I want to create a user group in AD for some users and have it administered by someone else apart from the server administrator http://supercgis.com/remote-desktop/remote-desktop-no-error.html Why is international first class much more expensive than international economy class? The Administrator account should only be used to locally administer the servers. I don't think it's a policy issue. Allow Log On Through Remote Desktop Services

However, in large corporate networks maintained by many administrators, it may become necessary to grant RDP access to the DC for different server administration groups, monitoring team, duty administrators, or other Any ideas? turn your firewall back on. his comment is here Have a look in Group Policy under Computer Configuration > Windows Settings > Security Settings > User Rights.

They are not DCs. Allow Rdp To Domain Controller 2008 The firewall that I asked him to turn off momentarily was the firewall on the host machine (the one running Hyper-V). I recommend to remove domain\administrator on ALL other groups that it is in except "domain admins" group. 0 Anaheim OP 1337_Geek Oct 31, 2011 at 6:54 UTC SubyFly,

If you choose to participate, the online survey will be presented to you when you leave the Technet Web site.Would you like to participate?

after login. Home | Invite Peers | More Windows Groups Your account is ready. All rights reserved. Cannot Rdp To Server 2008 R2 Since interactive authentication using NTLM was disallowed for interactive logons, this explains why you are receiving your error message.

Just add Administrators group in this option and the members of your domain admin or any admin group will be able to login to all domain controllers after 5 minutes. Details here: http://support.microsoft.com/kb/2008039 To allow RDP to DCs with requiring administrative rights, use the following: http://social.technet.microsoft.com/Forums/en/winserverDS/thread/34fb8e4f-f1ff-4f52-8935-731d22e7535eThis posting is provided "AS IS" with no warranties or guarantees , and confers no rights. None of my machines had any members for remote desktop users. weblink Is it a test domain you just setup or something else someone has setup in the past?

There are already two admins connected to the box, and if necessary he can disconnect one of them. That's WHY I asked them. Since interactive authentication using NTLM was disallowed for interactive logons, this explains why you are receiving your error message. The first item in your list (assuming you targeted the local computer), is the local policy for that machine.

If someone has a clue what's going on can you please help me to solve this? How is this red/blue effect created? I am trying to get a baseline from the OP since we had very little info. Once you identified the duplicates, please remove the wrong ones.

Are there any other VMs on the host? share|improve this answer edited Jan 28 at 14:49 gWaldo 9,85042963 answered Oct 9 '15 at 3:51 ANoop 111 add a comment| up vote 1 down vote Default access for Administrators and JSI Tip 4873. This remote access is controlled by the Allow log on through Remote Desktop Services user rights assignment, which can be configured by using the Group Policy Management Console (GPMC).

I recommend domain\administrator to be on "domain admins" group and nothing else. scdladmin replied Sep 18, 2012 Does the Default Domain Controller GP allow your user to access the DC from the network (Computer Config -> Windows Settings -> Security Settings -> Local If this number is exceeded, additional users who try to connect receive an error message telling them that the server is busy and to try again later. Microsoft Customer Support Microsoft Community Forums {{offlineMessage}} Store Store home Devices Microsoft Surface PCs & tablets Xbox Virtual reality Accessories Windows phone Software Office Windows Additional software Apps All apps Windows

Top Best Answer 0 Mark this reply as the best answer?(Choose carefully, this can't be changed) Yes | No Saving... mstsc /admin Take a look at this article about RDP and Hyper V issues. So, you grab the Process ID (PID) number from the results and run Tasklist while grep’ing for PID 2252. sabre307 replied Sep 20, 2012 One more quick question that I just thought of, have you installed integration services on the DC?

It's important to note that Microsoft does not recommend changing the port assigned to RDP. As a test just now at work, I remoted into our DC, removed myself from the Remote Desktop Users group, then tried it again. I have it under Group Policy > Computer Configuration > Windows Settings > Security Settings > Local Policies > User Rights Assignment > Allow log on through Terminal Services.