I got this error today when I tried to login by rdesktop to a machine in my domain using the domain user account. Yes, the machine B is part of the domain xyz.com whose domain controller is machine A. Let us say the account name is user1.
The first thing I did was to be sure that the username user1 is not there in “Deny logon through Terminal Services” and "Deny log on locally" policies.
1. Goto machine B
2. Start -> Run and type secpol.msc and enter
3. Ensure that user1 is not in the above policies under "Local Policies".
No, its not there. So now what next ? Ok..let me first try with a local user. I tried adding a local user named testuser1 and also verfied it is not there in above policies. Tried rdesktop to machine B with the local username. Again the same error. Ok, so now local user is also not able to login and get the same error. Check secpol.msc once again. Did I miss something ?
Yes..Found something - "Allow logon through terminal services". Added the user testuser1 into this and tried login.
Cool !! It went one step ahead. No more of the same error. But a new error came up. "User does not access to logon to this session". Did some googling and found that I need to add testuser1 to "Remote Desktiop users" group. Ok, added user to this group.
Tried logging in again as testuser1. Voila ! it worked. testuser1 who is the local user is now able to login using rdesktop.
Now, I got to get the same thing done for domain user.
Log on to machine A (domain controller) Added user user1 to "Allow logon through terminal services". Now add xyz\user1 to "Remote Desktop User" group - right ? Yes...
Open up the Start->Administrative Tools->Active Directory Users and Computers->Computers, right click on computer B,
click Manage Computer
Go to "System Tools" -> "Local Users and Groups" -> Groups
Open "Remote Desktop Users" group and click the "ADD" button and add the user as xyz\user1
Now login to machine B using the domain user name user1 into the xyz domain and it works !! .
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment