G
Guest
Howdy!
I have a Windows 2003 R2 domain managed via Group Policy with something over
100 client machines as members. We've recently implemented VPN access and
the long term plan is to implement a solid Terminal Server infrustructure.
In the mean time, though, I'm attempting to get access for folks working from
home to Remote Desktop on their Windows XP Pro SP2 machines here at the
office. I do have Windows Firewall enabled on the clients here in the
office, which is also managed via Group Policy. I've double and triple
checked policy settings (ports for the firewall, user account flags, & the
policy for Remote desktop itself) but I must be missing something somewhere.
Here's the problem - Users (standard Domain Users in Active Directory) can
connect to the VPN, fire up Remote Desktop and connect\logon to their
machines here at the office on the first try, no problems at all. Upon
finishing up and selecting the "Logoff" option, the Remote Desktop session on
their end closes as expected - But when any of them attempt to reconnect to
their machines via Remote Desktop again later they get an error stating, "You
do not have access to logon to this Session". This persists until their
machine here at the office is rebooted. I enabled the "Disconnect" option
via Group Policy and they are then able to disconnect and reconnect for a
period of time - But I really need them to log off the machines when they are
done so this is a band-aid solution at best.
Checking the process list on the machines when a user logs off remotely
shows that there are two WinLogon.exe processes running afterward - Is this
causing the Remote Desktop software to get confused in some way? There is no
"session" I can see beyond this second instance, unless the user uses the
disconnect option - But then they can reconnect just fine.
Any thoughts on the problem would be most welcome!
Thanks!
Gregg Knapp
I have a Windows 2003 R2 domain managed via Group Policy with something over
100 client machines as members. We've recently implemented VPN access and
the long term plan is to implement a solid Terminal Server infrustructure.
In the mean time, though, I'm attempting to get access for folks working from
home to Remote Desktop on their Windows XP Pro SP2 machines here at the
office. I do have Windows Firewall enabled on the clients here in the
office, which is also managed via Group Policy. I've double and triple
checked policy settings (ports for the firewall, user account flags, & the
policy for Remote desktop itself) but I must be missing something somewhere.
Here's the problem - Users (standard Domain Users in Active Directory) can
connect to the VPN, fire up Remote Desktop and connect\logon to their
machines here at the office on the first try, no problems at all. Upon
finishing up and selecting the "Logoff" option, the Remote Desktop session on
their end closes as expected - But when any of them attempt to reconnect to
their machines via Remote Desktop again later they get an error stating, "You
do not have access to logon to this Session". This persists until their
machine here at the office is rebooted. I enabled the "Disconnect" option
via Group Policy and they are then able to disconnect and reconnect for a
period of time - But I really need them to log off the machines when they are
done so this is a band-aid solution at best.
Checking the process list on the machines when a user logs off remotely
shows that there are two WinLogon.exe processes running afterward - Is this
causing the Remote Desktop software to get confused in some way? There is no
"session" I can see beyond this second instance, unless the user uses the
disconnect option - But then they can reconnect just fine.
Any thoughts on the problem would be most welcome!
Thanks!
Gregg Knapp