pacrozierMemberSep 19, 2011 at 3:01 pm #156246
I have added a new 2003 R2 terminal server to our domain (DC is on a 2003 standard edition) to replace one that fried. We have a couple of security groups defined, and the members of these groups can log in to the new terminal server without any problems.
I want to create a new OU and a Security Group within the new OU to connect to the terminal server. I have added the new security group to the Default Domain Security Settings in Local Policy -> User Rights Assignment -> Allow log on through Terminal Services and added the security group to the Remote Desktop Users group on the terminal server itself. When looking at the local security policy (secpol.msc) the new security group shows up under Allow Log on through Terminal Services in the Local Security Settings.
However – any user that is a member of the new security group, but is not a member of one of the existing security groups is not able to log in and gets the message “The local policy of this system does not allow you to logon interactively”
I have not (yet) defined any security policy for the new security group.
The new security group is part of the local security setting, and I must assume that the users in the new security group are thus part of the Remote desktop users group. To give the existing groups permission to log in to the new server I just had to add the existing security groups to the local Remote Desktop Users group.
Anybody have any ideas were I am going wrong and how to fix the problem.
Many thanks in advance.
You must be logged in to reply to this topic.