Home
Certification Preparation
Microsoft
MCSA / MCSE on Windows 2003 General
Server 70-290
Please clarify RDP
jonlad11
Hi there, could someone please clarify this point of RDP, i have seen conflicting information from transcender/MSPress and Sybex.
On member servers, adding to the remote desktop group also adds the right to logon terminal servers.
But on Domain Controllers, the right to logon terminal servers must added manually to the remote desktop group.
is this right? if not, could one of you enlightened people please shed some light on this?
cheers one and all
Find more posts tagged with
Comments
Everlife
Hi Jon,
Here's how I understand it:
Member Servers: Once RD is enabled, by default, the Administrators group and Remote Desktop Users group have the right to logon through terminal services. When you add a user to the Remote Desktop Users group, he/she is inheriting the right.
Domain Controllers: Once RD is enabled, by default, only members of the Administrators group have the right to logon through terminal services. Remember, there isn't a local security database for a domain controller so no local Remote Desktop Users group exists for the DC. You would have to manually create the group in Active Directory then grant that group the right to logon through terminal services in the Default Domain Controllers Policy which you would edit through Active Directory.
If you checked your User Rights section of the policies you would see the following:
Member Server - Allow Logon Through Terminal Services: Administrators, Remote Desktop Users
Domain Controllers - Allow Logon Through Terminal Services: Administrators
I hope that clears that up. If I'm mistaken on anything, I'm sure one of the real experts will catch it, but I'm pretty sure I'm right about it.
Quick Links
All Categories
Recent Posts
Activity
Unanswered
Groups
Best Of
