Active Directory on Server 2008 R2 default administrator acct can't RDP into domain computers

active-directory rdp windows-server-2008

Hey everybody, I just started messing with AD about three days ago, but I have one machine running as the AD DC computer, and another that joined the domain with no problems. The only weird thing is that I can RDP into the Domain Controller no problem, but I can't RDP into the other Domain Computer using my default administrator acct, an acct I made and gave domain admin privs to, but I CAN log in using the built-in Windows administrator acct. Any words of wisdom? I figure it's not a firewall problem because I can use the local acct to RDP into it, and it's not a domain issue because I have a share folder between the DC and that particular Domain Computer, so I'm not sure.

Best Answer

What error message does it give you when the login fails?

I'm gonna base this answer on the assumption that it's the "To log on to this remote computer, you must be granted the allow log on through terminal services right" error, since that seems likely, but let me know if that's inaccurate.

What's probably happening is that the User Rights Assignment for RDP is set to something strange. Hop on a DC, and check out the Resultant Set of Policy for the server in the Group Policy Management Console tool. Under User Rights Assignment, there are two settings to be concerned with: Allow and Deny log on through Remote Desktop/Terminal Services. Deny should be empty, and Allow should contain Administrators and Remote Desktop Users.

If they're set wrong, the tool will display where the settings are coming from (either a specific group policy object, or the Local Security policy); it can then be corrected there.
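The same two settings can be checked from the member server itself. The PowerShell below is an added example, not part of the original answer: it parses a `secedit` user-rights export and flags anything that differs from what the answer describes. The function name `Test-RdpLogonRights`, the path `C:\Temp\rights.inf` and the sample export lines are assumptions made for illustration.

```powershell
# Added example: audit the two RDP logon rights in a secedit user-rights export.
# To feed it a real export from the member server (elevated prompt):
#   secedit /export /cfg C:\Temp\rights.inf /areas USER_RIGHTS
#   Test-RdpLogonRights (Get-Content C:\Temp\rights.inf)
function Test-RdpLogonRights {
    param([string[]]$InfLines)

    # Well-known SIDs of the groups the answer expects in the Allow right
    # (secedit writes built-in groups as *SID)
    $required = @{
        '*S-1-5-32-544' = 'Administrators'
        '*S-1-5-32-555' = 'Remote Desktop Users'
    }
    # A right with no line in the export has nobody assigned to it
    $rights = @{
        'SeRemoteInteractiveLogonRight'     = @()  # Allow log on through RDS/TS
        'SeDenyRemoteInteractiveLogonRight' = @()  # Deny log on through RDS/TS
    }
    foreach ($line in $InfLines) {
        if ($line -match '^\s*(Se\w+)\s*=\s*(.*)$') {
            $name = $Matches[1]; $value = $Matches[2]
            if ($rights.ContainsKey($name)) {
                $rights[$name] = @($value.Split(',') |
                    ForEach-Object { $_.Trim() } | Where-Object { $_ })
            }
        }
    }

    $findings = @()
    foreach ($sid in $required.Keys) {
        if ($rights['SeRemoteInteractiveLogonRight'] -notcontains $sid) {
            $findings += "Allow is missing $($required[$sid]) ($sid)"
        }
    }
    foreach ($entry in $rights['SeDenyRemoteInteractiveLogonRight']) {
        $findings += "Deny should be empty but contains $entry"
    }
    if ($findings.Count -eq 0) { $findings += 'OK: Allow and Deny look as expected' }
    $findings
}

# Constructed sample export (not from the page): Remote Desktop Users is absent
# from Allow and a placeholder group EXAMPLE\NoRdp is listed in Deny.
$sample = @(
    '[Privilege Rights]',
    'SeNetworkLogonRight = *S-1-1-0,*S-1-5-32-544',
    'SeRemoteInteractiveLogonRight = *S-1-5-32-544',
    'SeDenyRemoteInteractiveLogonRight = EXAMPLE\NoRdp'
)
Test-RdpLogonRights $sample
```

The export shows what is set on that machine, not which policy object set it; the Resultant Set of Policy view described in the answer is still where to find the source.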