Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations gkittelson on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Win2k3 environment; TS Server can't access AD on DC Server

Status
Not open for further replies.
DomRCS

DomRCS

IS-IT--Management
Jun 19, 2007
8
CA
I am adding a Terminal Services Server (Win2k3) to my domain, but when a user tries to log in they get the following: "the local policy of this system does not permit you to logon interactively"

Now when I go to add user/groups to local policies, I can't seem to access the Active Directory on my Domain Controller. [From this location:] is set to my domain, when I click [Check Names], it prompts for authentication of an account with permissions for {DOMAIN.local}, I enter DOMAIN\Administrator with the password but it always comes back with [Name Not Found].

Anyone have any ideas why the 2 servers can't seem to see each other? I can browse SMB shares on the DC from the TS Server so it doesn't seem to be a connectivity issue.

Thanks in advance,
Dominic
 
Sort by date Sort by votes
Did you add the users to the Remote Desktop Users group?
 
Upvote 0 Downvote
Well that's what I am saying, when I try adding the users from the DC to the TS, I always get [Object Not Found].

I can remote into TS using the admin account on the local machine, but if I try logging on with DOMAIN\Any User I get "the local policy of this system does not permit you to logon interactively"

All users on the DC are in the Remote Desktop Users group but like I said when I try to add them on the TS, it won't find them.
 
Upvote 0 Downvote
Try creating a security group called TSusers in AD.
Add all remote users to the TSusers Security Group.
Then go to the Terminal Server and add the TSusers group in the Remote Desktop Users group.
 
Upvote 0 Downvote
I've gone to the AD/DC Server and added all remote users to a security group called [TSUsers].

When I go to the TS Server and try to add [TSUsers] to the Remote Desktop Users group I get the same [Name Not Found] window. I am entering DOMAIN/Administrator credentials but it still doesn't seem to want to find it.
 
Upvote 0 Downvote
Could be a DNS problem

Paul

MCSE 2003

"Two things are infinite: the universe and human stupidity; and I'm not sure about the the universe."
Albert Einstein
 
Upvote 0 Downvote
When you are attempting to add the user, under Select This Object Type, be sure it is looking for Users or Groups.

And under From This Location, be sure it is searching the Entire Directory and not the local machine.
 
Upvote 0 Downvote
There was a DNS problem which I resolved. Now when I go to select locations [From this location:], I only have access to that local machine, I can no longer select the entire directory...

Any ideas?
 
Upvote 0 Downvote
Has this TS server actually been joined to the domain? Sounds like it is not communicating at all the domain level.
 
Upvote 0 Downvote
What was the nature of the DNS problem and how did you resolve it??

Paul

MCSE 2003

"Two things are infinite: the universe and human stupidity; and I'm not sure about the the universe."
Albert Einstein
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

MaioMaio
  • Locked
  • Question
Server Remote Desktop License
Replies
0
Views
430
MaioMaio
MaioMaio
Aquiles Vidal
  • Locked
  • Question
Web Browsers in Windows Server or Terminal Server
Replies
0
Views
536
Aquiles Vidal
Aquiles Vidal
rzammit82
  • Locked
  • Question
Windows Server 2016 - DNS/AD problem
Replies
1
Views
701
suncit
suncit
antonio_dsanchez
  • Locked
  • Question
post-installation WSUS windows server 2016
Replies
0
Views
439
antonio_dsanchez
antonio_dsanchez
jamescpp
  • Locked
  • Question
Windos OpenSSH server vulnerability
Replies
0
Views
527
jamescpp
jamescpp

Part and Inventory Search

Sponsor

Back
Top