Sign in
 
HomeWindows 8Windows 7Windows VistaWindows XPMDOPWindows IntuneLibraryForums
Windows Client >
Remote Desktop connection problem

Answered Remote Desktop connection problem

  • Tuesday, May 08, 2012 6:59 AM
     
     
    Sign In to Vote
    0

    good day everyone,

    we are recieving the following error:

    "To log on to this remote computer, you must be granted the Allow log on through
    Terminal Services right. By default, members of the Remote Desktop Users group have this
    right. If you are not a member of the Remote Desktop Users group or another group that
    has this right, or if the Remote Desktop User group does not have this right, you must be
    granted this right manually."

    this happens when we try to connect to a Vista Enterprise Client via Remote Desktop Connection after the Client got reinstalled via WDS successfully.

    this happend on 5 different clients during the last 10 days (we are running approx. 4500 clients)

    those clients are on different hardware

    for some reason the domain policy seems not to reach the client

    the client remote settings have been double checked and the usual settings are in ok status.

    the network connection must be fine, otherwise the image cloning via WDS wouldn´t work.

    so what?

    any ideas anyone!

    your input would be much appreciated

    many thanks in advance

    Michael Selinger

     

All Replies

  • Wednesday, May 09, 2012 5:38 AM
    Moderator
     
     
    Sign In to Vote
    0

    Hi Michael,

    I would suggest checking all the policy values that may deny you logon.

    Secpol.msc - user rights assignments - allow logon through terminal services.

    Also, please logon to console of the server and verify that your token includes "Remote Desktop Users" by typing "whoami /groups".

    Regards,

    Sabrina

    TechNet Subscriber Support

    If you are TechNet Subscription user and have any feedback on our support quality, please send your feedback here.

    Sabrina

    TechNet Community Support

     
  • Wednesday, May 09, 2012 6:07 AM
     
     
    Sign In to Vote
    0

    good morning sabrina

    many thanks for your answer but this does not help.

    with none of our remote desktop users we can connect to this certain notebook, not even with the local computer administrator which would get set by policy.

    while we can connect to all other clients in this branch or any other branches.

    reason: obviously the domain policy does not reach to this one notebook, whilst it does to all others

    this HP notebook (8530p) has been cloned with the same Image from our WDS Server like all other approx 4500 clients in our domain.

    any other ideas?

    Michael

    Michael Selinger

     
  • Wednesday, May 09, 2012 6:17 AM
    Moderator
     
     
    Sign In to Vote
    0

    Did you check if the new machines joined to the domain properly?

    And you may run the command: gpresult to show the group policy which has been applied to your client to check if these policies reached.

    Regards,

    Sabrina

    TechNet Subscriber Support

    If you are TechNet Subscription user and have any feedback on our support quality, please send your feedback here.

    Sabrina

    TechNet Community Support

     
  • Thursday, May 10, 2012 5:11 AM
     
     
    Sign In to Vote
    0

    good morning sabrina,

    many thanks for your reply.

    unfortunately this did not help, nor follow my information.

    as mentioned, the domain policy got NOT applied for some reason on this vista client.

    we could not connect with any of our remote desktop users.

    meanwhile we did a workaround, connected with the domain admin, added all permission groups manually, then it worked

    but that´s not a solution if this should happen again, what could be the reason why a domain policy get´s not applied, while the client is in the domain already though?

    Michael

    Michael Selinger

     
  • Thursday, May 10, 2012 8:05 AM
    Moderator
     
     
    Sign In to Vote
    0

    According to your work around, it should be still the permission issue.

    "To log on to this remote computer, you must have Terminal Server User Access permissions on this computer..." or "The Requested session access is denied": This error means that the user that tried to connect has been assigned to the GPO correctly for "Allow Logon Through Terminal Services", but the user is not a member of the Remote Desktop Users group, or otherwise does not have permissions to the RDP-TCP listener on that machine. Go check the Terminal Services Configuration snap in.

    See Allow Logon Through Terminal Services vs. Remote Desktop Users group: Which and why?

    Please Note: Since the website is not hosted by Microsoft, the link may change without notice. Microsoft does not guarantee the accuracy of this information.

    Regards,

    Sabrina

    TechNet Subscriber Support

    If you are TechNet Subscription user and have any feedback on our support quality, please send your feedback here.

    Sabrina

    TechNet Community Support

     
  • Wednesday, May 16, 2012 4:36 AM
     
     
    Sign In to Vote
    0

    good morning

    i am sorry, but this is not an answer.

    the question was not what the error means but WHY the policy does not get applied on some certain vista clients.

    Michael Selinger

    Michael Selinger

     
  • Wednesday, May 16, 2012 6:55 AM
    Moderator
     
     Answered
    Sign In to Vote
    0

    Did you check if there are any settings overridden by another policy, or that they're filtered out because of WMI or security?

    Also this issue is more server related, in order to get the answer effectively, it is recommended to post a new question in Windows Server Forum for further discussion.

    The reason why we recommend posting appropriately is you will get the most qualified pool of respondents, and other partners who read the forums regularly can either share their knowledge or learn from your interaction with us. Thank you for your understanding.

     

    Regards,

    Sabrina

    TechNet Subscriber Support

    If you are TechNet Subscription user and have any feedback on our support quality, please send your feedback here.

    Sabrina

    TechNet Community Support

     
  • Wednesday, May 16, 2012 8:14 AM
     
     
    Sign In to Vote
    0
    Try logging
    http://blogs.technet.com/b/askperf/archive/2008/03/11/group-policy-logging-on-windows-vista.aspx
     
    --
    ..
    --
    "michael.selinger" wrote in message
    news:6fb8783e-7837-4f12-8fc3-59b35f629b36...
    > good morning
    >
    >
    > i am sorry, but this is not an answer.
    >
    > the question was not what the error means but WHY the policy does not get
    > applied on some certain vista clients.
    >
    >
    > Michael Selinger
    >
    >
    > --------------------------------------------------------------------------------
    >
    > Michael Selinger
    >
     
     
     
  • Wednesday, May 16, 2012 8:16 AM
     
     
    Sign In to Vote
    0
    I'll make it a link.

    --
    .
    --
    "michael.selinger" wrote in message news:6fb8783e-7837-4f12-8fc3-59b35f629b36...
    > good morning
    >
    >
    > i am sorry, but this is not an answer.
    >
    > the question was not what the error means but WHY the policy does not get applied on some certain vista clients.
    >
    >
    > Michael Selinger
    >
    >
    > --------------------------------------------------------------------------------
    >
    > Michael Selinger
    >
     
  • Friday, January 11, 2013 2:56 PM
     
     
    Sign In to Vote
    0

    I found the solution for this issue,  at

    http://www.99technuts.com/others/terminal-services/common-issues/to-log-on-this-remote-computer-you-must-be-granted-the-allow-logon-through-terminal-services-right