Win2003 GPO for Logon to Terminal Services

G

Guest

If I create a GPO and apply it to a server container that enables certain
users for logging on to terminal services shouldn't that enable them to RDP
into the servers or is that a different setting somewhere?
 
B

Bruce Sanderson

To logon to Terminal Services, a user also needs the logon locally right.

I suggest that rather than using a GPO to control who can connect via RDP,
add a domain group to the local Remote Desktop Users group on the Terminal
Server, then populating the domain group with the user accounts that you
want to be able to use the Terminal Server. The local Remote Desktop Users
group, by default, gets the rights needed to logon via Terminal Services.

RDP is a Terminal Services client delivered with Windows XP and 2003.
 
G

Guest

Yeah. That would be simple. How can I keep from having to go in and turn on
RDP on a 2003 box though. Seems nothing works until I do that.
 
B

Bruce Sanderson

Apply the setting:

Computer Configuration
Administrative Templates
Windows Components
Terminal Services
Allow Users to connect remotely using Terminal Services:
Enabled

This will turn on the check mark in System Properties, Remote, Remote
Desktop, Enable Remote Desktop users ... and make it grey so no one can turn
it off.

--
Bruce Sanderson MVP Printing
http://members.shaw.ca/bsanders

It is perfectly useless to know the right answer to the wrong question.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Security Filtering for specific "Links" instead of "GPO" 2
Terminal Server GPO 3
GPO IE Zone Mapping issue on TS 2
Terminal Services GPO 2
Terminal Services and GPO 1
set group policy for users who both login to laptop as rdp server, how? 1
GPO and Terminal Server 2
Loopback Processing with Security Groups (No separate OU) 1

Top