I have been under the impression that Domain Users should be able to login to a domain joined machine with their domain credentials out of the box and no special permissions needed. I'm running this whole setup in Hyper-V so not sure if that makes any difference:
Two DCs running 2012 R2 Standard
Two Win 8.1 clients
When I try to login to the domain PC, I get a login issue that the user has to be a member of the Remote Desktop Users group.
Is that required? Are domain users not by default allowed to login to domain PCs like that? Am I missing something else?
Best Answer
I suspect that the problem is due to Enhanced Session Mode being enabled. When so, I'm pretty sure that the Virtual Machine Connection console uses RDP to connect to the VM, which requires the connecting user to be a member of the local Remote Desktop Users group, the local Administrators group or to have the appropriate user rights and RDP protocol permissions.