discolorMemberFeb 26, 2007 at 1:54 am #122911
Recently upgraded Win2K3 R2 server to Active Directory role. All was well, rebooted machine after removing old AV software. After reboot, regular, remote desktop users can access the terminal server but anyone in any admin group (Administrators, Enterprise Admins, Domain Admins) cannot. When any Admin user attempts to log on, via RDP, get the, “To log on to this computer, you must have Terminal Server User Access Permissions on this Computer…” Etc.
1). I have checked all policies, in all the obvious places, and nothing seems amiss (although there are nooks and crannies I have likely overlooked). I’ve not created any group policies since the domain level group policies work fine for our office (with the exception of this issue).
2). Added just about everyone, including Administrator group users to Terminal Server Access security policy, network access policy. Did the same to remote desktop users. Same issue.
3). Created test user. Test user logs in fine as Domain User, User, and remote desktop user (groups). Promoted this test user to administrator, cannot log on, receives same error as above. Repeated for Domain Admin, Enterprise Admin, all with same result. Demoted test user back to normal non-admin user, able to log in fine.
4). Messed around with groups and users, trying different combinations, reviewed group policies again… Found nothing obvious.
5). Searched the net in vain.
6). Came here in hope someone would know just where I might have messed up, and, more importantly, how I can go about solving the issue.
You must be logged in to reply to this topic.