none
Allow Logon through Terminal Services - Domain Controller

    Question

  • Hi,

    I have to grant RDP access and Local Logon rights a team ONLY for OS & Hardware Maintenance purpose.

    As part of this task, I tried to grant remote login access for a normal user to domain controller, but couldn't not.

    I have added the user id in "Allow log on through terminal services" and "Allow logon locally" under following location, and verified it is applied.

    • Computer Configuration -> Windows settings ->
      Security Settings -> Local policies -> User Rights Assignment

    Since it was not working, I selected one domain controller, and Denied all other policies to it. I.e, only one policy is applied to selected domain controller (we have 4 DC's), to make sure no other policy is causing the problem.domain controller

    Could any one help to grant access to normal user to login to Domain Controller?

    Here is the event from security log

    Event ID: 4825

    FailureAudit:

    "A user was denied the access to Remote Desktop. By default, users are allowed to connect only if they are members of the Remote Desktop Users group or Administrators group.

    .................. .

    This event is generated when an authenticated user who is not allowed to log on remotely attempts to connect to this computer through Remote Desktop

    Thursday, March 31, 2016 12:37 PM

Answers

All replies