Unable to logon via RDC usage in Win2K3 SBS

T

Tom

Windows Server 2003, all MS updates
Remote workstation is either WinXP Pro or WinVista Business/Ultimate

I have a user that needs to use Remote Desktop Connection and use our
IE7/IE8 apps on our servers. When attempting to connect via "john.doe" on
our network he receives this message that others on our network (remoting in)
don't receive.
"To logon to this remote computer you must be granted the Allow log on
through Terminal Services right. By default, members of the Remote Desktop
Users group have this right. If you are not a member of the Remote Desktop
Users group or another group that has this right, or if the Remote Desktop
User group does not have this rigth, you must be granted this group manually."
I have set this "john.doe" user as a member of the Remote Users Group.
There's some nuance here that I'm missing. FWIW, I'm North American based
and he's overseas - far east.
 
L

Lanwench [MVP - Exchange]

Tom wrote:
> Windows Server 2003, all MS updates
> Remote workstation is either WinXP Pro or WinVista Business/Ultimate
>
> I have a user that needs to use Remote Desktop Connection and use our
> IE7/IE8 apps on our servers.

You mean use them from workstations, though - not connecting via RDP to the
server, correct? Just want to clarify.

> When attempting to connect via
> "john.doe" on our network he receives this message that others on our
> network (remoting in) don't receive.
> "To logon to this remote computer you must be granted the Allow log on
> through Terminal Services right. By default, members of the Remote
> Desktop Users group have this right. If you are not a member of the
> Remote Desktop Users group or another group that has this right, or
> if the Remote Desktop User group does not have this rigth, you must
> be granted this group manually." I have set this "john.doe" user as a
> member of the Remote Users Group. There's some nuance here that I'm
> missing. FWIW, I'm North American based and he's overseas - far east.

Can you RDP to one of these desktops successfully from across the LAN and
log into it as him?

Can you connect to RWW on your own PC, log in as him and connect to another
workstation successfully?
 
T

Tom

Thanks for your response!

He is connecting via RDC to use our IE for a variety of reasons. The REAL
reason for the post was the error message he's getting even BEFORE he logs
into our server to use IE. Hence, I need to know what to do given the
reported error message. I'm lost on the nuances of the error message.

Clarified better?

"Lanwench [MVP - Exchange]" wrote:

> Tom wrote:
> > Windows Server 2003, all MS updates
> > Remote workstation is either WinXP Pro or WinVista Business/Ultimate
> >
> > I have a user that needs to use Remote Desktop Connection and use our
> > IE7/IE8 apps on our servers.
>
> You mean use them from workstations, though - not connecting via RDP to the
> server, correct? Just want to clarify.
>
> > When attempting to connect via
> > "john.doe" on our network he receives this message that others on our
> > network (remoting in) don't receive.
> > "To logon to this remote computer you must be granted the Allow log on
> > through Terminal Services right. By default, members of the Remote
> > Desktop Users group have this right. If you are not a member of the
> > Remote Desktop Users group or another group that has this right, or
> > if the Remote Desktop User group does not have this rigth, you must
> > be granted this group manually." I have set this "john.doe" user as a
> > member of the Remote Users Group. There's some nuance here that I'm
> > missing. FWIW, I'm North American based and he's overseas - far east.
>
> Can you RDP to one of these desktops successfully from across the LAN and
> log into it as him?
>
> Can you connect to RWW on your own PC, log in as him and connect to another
> workstation successfully?
>
>
>
>
 
L

Lanwench [MVP - Exchange]

Tom wrote:
> Thanks for your response!
>
> He is connecting via RDC

Yes, I got that, but to what?

> to use our IE

You mean you want him to use your Internet connection to browse rather than
get to the web from his own local computer, I'm guessing.

> for a variety of reasons. The
> REAL reason for the post was the error message he's getting even
> BEFORE he logs into our server to use IE. Hence, I need to know what
> to do given the reported error message. I'm lost on the nuances of
> the error message.
>
> Clarified better?

Sort of.

He cannot log into the server via RDP - that's a really bad idea (and won't
work out of the box). It would be a huge security risk, and nobody should
ever use the server as a workstation. Only an admin can even see the option
to connect to the SBS box from within RWW, so if he sees that option then he
has more rights on the domain than he should.

However, he can use RWW to to connect to a workstation on the domain if you
like, via RWW.

To find out whether it's an issue with his account or RWW or connection or
local computer, do the tests I suggested -

From your desktop, use the local RDP client to connect to the target PC he's
trying to connect to, and see if you can connect and log in as him

If that works, from your desktop go to RWW (https://server/remote) and log
in as him and try to connect to that same computer using RDP.

If these both work, then it's something on his local computer or his
internet connection and there isn't anything you can do about it on your
end.
>
> "Lanwench [MVP - Exchange]" wrote:
>
>> Tom wrote:
>>> Windows Server 2003, all MS updates
>>> Remote workstation is either WinXP Pro or WinVista Business/Ultimate
>>>
>>> I have a user that needs to use Remote Desktop Connection and use
>>> our IE7/IE8 apps on our servers.
>>
>> You mean use them from workstations, though - not connecting via RDP
>> to the server, correct? Just want to clarify.
>>
>>> When attempting to connect via
>>> "john.doe" on our network he receives this message that others on
>>> our network (remoting in) don't receive.
>>> "To logon to this remote computer you must be granted the Allow log
>>> on through Terminal Services right. By default, members of the
>>> Remote Desktop Users group have this right. If you are not a
>>> member of the Remote Desktop Users group or another group that has
>>> this right, or if the Remote Desktop User group does not have this
>>> rigth, you must be granted this group manually." I have set this
>>> "john.doe" user as a member of the Remote Users Group. There's some
>>> nuance here that I'm missing. FWIW, I'm North American based and
>>> he's overseas - far east.
>>
>> Can you RDP to one of these desktops successfully from across the
>> LAN and log into it as him?
>>
>> Can you connect to RWW on your own PC, log in as him and connect to
>> another workstation successfully?
 
You must log in or register to reply here.

Similar threads

J
Unable to logon and change Windows password using RD when enabled User must change password at next logon
Replies
0
Views
53
JCM_738
J
J
Group policy client service failed the sign in - Remote Desktop Client
Replies
0
Views
177
Justin Villanueva
J
B
  • Article
Releasing Windows 11 Build 22000.2121 to the Release Preview Channel
Replies
0
Views
155
Brandon LeBlanc
B
A
  • Article
Announcing Windows 11 Insider Preview Build 26120.1843 (Dev Channel)
Replies
0
Views
51
Amanda Langowski
A
B
  • Article
Announcing Windows 11 Insider Preview Build 23580 (Dev Channel)
Replies
0
Views
88
Brandon LeBlanc
B
Back
Top Bottom