Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Chriss Miller on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

remote desktop problem

Status
Not open for further replies.
cindylee

cindylee

Technical User
Dec 10, 2002
42
CA
Hi
I have an XP Pro SP2 computer. In the security policy for this machine, I have defined "Interactive Logon: Message Text for Users Attempting to Log On", and included text that gets displayed before a user can log in. The problem is when I am connected to that machine remotely ( using Remote Desktop), and I reboot it remotely, and then try to re-initiate a remote desktop connection (after it boots up),
I get a black screen. The only way I can get a logon prompt, is to go to the remote machine ( luckily it's in the next room) and acknowledge the Logon banner that I defined in the security policy. Then, my remote session springs to life, and it now displays the logon banner, and I can acknowledge it, and I am able to log in. Is this behaviour by design, or am I missing something. Obviously, I can disable the message text, but I'd like to understand what's going on. Also, it's a recommended security practice to have these logon banners......
 
Sort by date Sort by votes
It's Catch 22. You can't RDP to a PC that doesn't have an account logged on to the operating system (and Windows networking) so you can't click on the 'OK' button in the 'interactive logon message text' in order to complete the startup/logon process.

This behaviour is by design as Terminal Services (which RDP is based on) expects an account to be logged on to the OS before being RDP'd to.

One way around this behaviour is to install a flavour of VNC (we use RealVNC, available from but there's several out there). VNC and its derivatives can run as a system service.

In practice, this means that you can VNC into a PC and 'OK' the 'interactive logon message text' button. After Windows has finished starting up (loading a profile, etc.) then you can RDP into it and use the RDP strengths (local printing, shared drives, etc.).

Hope this helps...
 
Upvote 0 Downvote
But when I disable the logon banner, and reboot the system, I'm able to logon using RDP, even though there's no other accounts logged on to the operating system ( cause it's just been rebooted )????
 
Upvote 0 Downvote
If you disable the logon banner and reboot the system then you should continue to login automatically to the OS... unless there is more than one user account (not counting the Administrator account which, by default, is not shown).

Does this help...?

 
Upvote 0 Downvote
I'm just confused about your first reply where you said that "You can't RDP to a PC that doesn't have an account logged on to the operating system (and Windows networking)".
That's what I did after I disabled the banner - I rebooted the XP machine and then, as it was still coming up, I went to my other computer and used RDP to log on to the XP machine remotely, and no other account was logged on.
 
Upvote 0 Downvote
A couple of similar stories here, but no solution.





Remote Desktop is described in detail in the Help and Support program under this heading "Remote Desktop overview".

280828 - How a Remote Desktop Connection Affects Windows XP Professional

The Features of the Remote Desktop Client in Windows XP

289289 - Remote desktop connection "The local policy of this system does not permit you to logon interactively"
 
Upvote 0 Downvote
Thanks for the links - those describe what's happening with me too... We used to have Win2K Server installed, and Terminal Services worked so much better
 
Upvote 0 Downvote
RDP will connect to a remote PC (with a challenge/response dialog) unless the remote PC has had a policy enforced on it which says, in effect, "don't logon (to the OS) until the following conditions are met".

You appear to have implemented a policy whereby the default login process has been halted by a legitimate 'Group Policy' challenge/response of 'who are you'.

 
Upvote 0 Downvote
So, I'll assume then from what you said , that a logon banner is a "legitimate 'Group Policy' challenge/response of 'who are you' "? At least I know that I can work around the problem - not the greatest solution but.....
Thanks for all your help Rick998 : - )
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Sebastian42
  • Locked
  • Question
Possibly a timing problem
Replies
3
Views
1K
Rick998
Rick998
VicM
  • Locked
  • Question
Problem updating Windows Explorer
Replies
1
Views
907
Nancycaf
Nancycaf
dik
  • Locked
  • Question
Change Icon Image on Desktop
Replies
5
Views
895
JimSmith02
JimSmith02
Shengfu
  • Locked
  • Question
PROBLEM WITH FILES IN FLASHDRIVE
Replies
3
Views
443
mikrom
mikrom
xarzu
  • Locked
  • Question
How is remote debugging allowed on Microsoft SQL Management studio?
Replies
2
Views
480
xarzu
xarzu

Part and Inventory Search

Sponsor

Back
Top