Windows Server 2008 R2 Remote Desktop - The requested session access is denied RRS feed

  • Domanda

  • Hi, I have been using Windows Server 2008 R2 since it was released, and have 100 servers up and running. I configured Allow Remote Desktop on all of them and have been able to connect to them and manage them via RDP since then. I also have two servers configured as Remote Desktop Services.

    That was up until yesterday. Yesterday afternoon I started getting the The requested session access is denied. I managed all Terminal services via Group Policy and have three users entered.

    I am connecting to the servers via Windows XP SP3 and Windows 7. Both clients have been updated to the latest Remote Desktop Services client.

    I have been searching for the answer, and I am not finding it.

    I have also tried KB954369 without any success. 





    martedì 23 marzo 2010 12:25


Tutte le risposte

  • I am having the same issue but when i clear the admin console connection I have started to get 

    the desktop you are trying to open is currently unavailable, contact your administrator to confirm that the correct settings are in the place for your client connection.


    martedì 6 aprile 2010 23:49
  • Ok, from my trials and tribulations and discussions with Microsoft I have identified the following;


    A. My terminal server is in domain widget

    B. All the users are in domain contoso

    1. I had the Terminal Server configurured with a specific Login, which would launch a specific application only and not give them any desktop functions. Wiht this configured this way, I get the error I wrote about.

    2. If I turn the specific login off, then I can login normally and perform the functions as Administrator that I need/want to do.

    3. Microsoft said to configure the Terminal Server with Single Sign-on. I did as instructed and went thru all the steps, however because my terminal server is in domain widget, the users get prompted twice each time for login. Once on the website, and then again as the application launches. Microsoft said that the users needed to Remote Desktop Client 7.x or the self-signed certificate that I have has to be included in the domain contoso certificate authority so that they will not be prompted for the second sign-on.

    4. Conclusions - I need to have a chat with our enterprise security team about including the self-signed certificate in the contoso certificate authority. I need to also work on my RDWeb website so that it meets our company standard look.

    Here are the links that Microsoft provided;


    Enable RDC Client Single Sign-On for Remote Desktop Services

    Blogs -


    I hope this help you in your troubleshooting.





    mercoledì 7 aprile 2010 12:44
  • See this was awhile back so not sure if you still need this but for other readers' :

    Sounds like the expiration for 120 days to configure to your licensing server. This is for the Remote Desktop Services setting. It should be in the alerts logs as well. This is my first guess. Good luck !


    martedì 2 agosto 2011 18:53

    A user trying to connect to a RDS host 2008 R2 (workgroup environment) got the error message "requested session access is denied". The user is member of the local remotedesktop user group and
    the permission "Allow logon via Remotedesktop servies" is granted.
    When granting administrative rights the issue will not appear.

    Solution: Remove the /admin parameter in the remote desktop connection. The user was trying to connect to the RDS host console session. This of course will not work with user rights.

    mstsc /admin

    mstsc /console


    • Modificato Vlakov giovedì 24 novembre 2011 19:42
    • Contrassegnato come risposta TP []MVP, Moderator lunedì 18 giugno 2012 06:16
    giovedì 24 novembre 2011 19:40
  • If your are getting "Access is Denied" error upon logon through RDP. Check "Remote desktop services" on the server you are trying to logon. If it is starting with "Local System" account, configure it to start with "Network Service" account. If you want to verify that, compare HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\TermService with healthy machine.

    sabato 16 giugno 2012 08:24
  • I had this issue (Windows 2008R2, user is a local admin and gets Access Denied for Remote desktop sessions) as well.  I discovered that the users account had "Use Kerberos DES encryption..." selected in his Active Directory account (scroll down under Account options).  Turning it off allowed him to login.
    mercoledì 26 marzo 2014 21:57
  • Worked for me removing the /admin  parameter. 


    martedì 2 dicembre 2014 12:57
  • Ok But How to specific Remove the /admin parameter in the remote desktop connection?

    Please give me your steps remove this paramater

    lunedì 21 novembre 2016 21:42
  • When you go to Start - Run just type "mstsc" nothing more, nothing less, no /admin or anything.

    BTW, removing the /admin worked. The person I was helping was a member of "remote desktop users" and not a local admin of the box and could probably be the reason they were getting that error.

    sabato 15 luglio 2017 10:41
  • With notepad, in the saved mstsc file, I have removed the line "administrative session:i:1". 

    This line works only if the user have admin rights on the server.

    If not, the user receive : "the requested session access is denied". 

    martedì 12 giugno 2018 12:32
  • This error was driving me crazy as I was testing a new users setup. 
    Forgot that I had my shortcut with the console paramter. 

    Tnx for the help :)
    domenica 24 febbraio 2019 18:01