Hi every body, I am trying to configure terminal server. Everytime I try to connect i get this error " To log on to this remote computer, you must have terminal server user access permissions on this computer. By default, members of the remote desktop users group have these permissions. if you are not a member of the remote desktop users group or another group that has these permissions, or if the remote desktop user group does not have these permissions, you must be granted these permissions manually"
This is what I have done so far.
For this purpose I am using Microsoft virtual pc.
I installed two machines with windows server 2003 R2.
One is with the name server01 and other is with the name server02.
Server01 is a domain controller(contoso.com)
server02 is a Terminal Server installed on it.
In server01 I created a global security group with the name "contoso terminal user" and make it a member of PRINT OPERATORS GROUP.
Then I created a user JOHN and make it a memmber of CONTOSO TERMINAL USER group.
I have also made the Contoso Terminal User group a member of Remote desktop users group.
ON Server02 I did the following configuration
Now I made server02 a member of server01 (server02 belongs to the contoso.com domain)
In server02 I have installed the Terminal server from add/remove programse in control pannel.
I opened the Terminal Services Configuration wizard. In the properties of RDP-TCP set the encryption level to "Client Compatible", In sessions tab I clicked on "Override user settings and set it to one day, active session limit also set to ONE day, idle session limit to 3 hours.
Also enabled the OVERRIDE user settings and selected "Disconnect from session.
In permission Tab, I added the Contoso Terminal User group and set the allow permissions to USER ACCESS and GUEST ACCESS, In advaced (special permissions) I set allow permissions for this group to "Remote Control, logon, connect and query information.
In Network adapter tab, I selected Maximum connections up to 10.
In client settings use connection settings from user settings is enabled and 16bit maximum color depth is already set.
After done all these settings, I opened the Local Users and groups snap-in clonsole by choosing Manage from my computer. (by right clicking my computer)
In the Groups node, I opened the Remote Desktop Users and addedd the Contoso Terminal Server Users group as a member.
Now I come back to server01, and logged on as JOHN, Then I opened Remote Desktop Connection from the JOHN account and typed server02.contoso.com. It logged on but it again asked me for password and in log on to it showed me both the computer names (contoso and server02). If i select server02, then it gives the error " The system could not log you on, make sure user name and domain are correct, then type your password again. Letters in Passwords must be typed using the correct case" But if I select Contoso then it gives the error" To log on to this remote computer, you must have terminal server user access permissions on this computer. By default, members of the remote desktop users group have these permissions. if you are not a member of the remote desktop users group or another group that has these permissions, or if the remote desktop user group does not have these permissions, you must be granted these permissions manually".
If anyone have any solution then please tell me. I shall be very thankful.
Sarabjit Singh
This is what I have done so far.
For this purpose I am using Microsoft virtual pc.
I installed two machines with windows server 2003 R2.
One is with the name server01 and other is with the name server02.
Server01 is a domain controller(contoso.com)
server02 is a Terminal Server installed on it.
In server01 I created a global security group with the name "contoso terminal user" and make it a member of PRINT OPERATORS GROUP.
Then I created a user JOHN and make it a memmber of CONTOSO TERMINAL USER group.
I have also made the Contoso Terminal User group a member of Remote desktop users group.
ON Server02 I did the following configuration
Now I made server02 a member of server01 (server02 belongs to the contoso.com domain)
In server02 I have installed the Terminal server from add/remove programse in control pannel.
I opened the Terminal Services Configuration wizard. In the properties of RDP-TCP set the encryption level to "Client Compatible", In sessions tab I clicked on "Override user settings and set it to one day, active session limit also set to ONE day, idle session limit to 3 hours.
Also enabled the OVERRIDE user settings and selected "Disconnect from session.
In permission Tab, I added the Contoso Terminal User group and set the allow permissions to USER ACCESS and GUEST ACCESS, In advaced (special permissions) I set allow permissions for this group to "Remote Control, logon, connect and query information.
In Network adapter tab, I selected Maximum connections up to 10.
In client settings use connection settings from user settings is enabled and 16bit maximum color depth is already set.
After done all these settings, I opened the Local Users and groups snap-in clonsole by choosing Manage from my computer. (by right clicking my computer)
In the Groups node, I opened the Remote Desktop Users and addedd the Contoso Terminal Server Users group as a member.
Now I come back to server01, and logged on as JOHN, Then I opened Remote Desktop Connection from the JOHN account and typed server02.contoso.com. It logged on but it again asked me for password and in log on to it showed me both the computer names (contoso and server02). If i select server02, then it gives the error " The system could not log you on, make sure user name and domain are correct, then type your password again. Letters in Passwords must be typed using the correct case" But if I select Contoso then it gives the error" To log on to this remote computer, you must have terminal server user access permissions on this computer. By default, members of the remote desktop users group have these permissions. if you are not a member of the remote desktop users group or another group that has these permissions, or if the remote desktop user group does not have these permissions, you must be granted these permissions manually".
If anyone have any solution then please tell me. I shall be very thankful.
Sarabjit Singh