[TriLUG] Windows / Active Directory help needed

Aaron Bednar aaron_bednar at unc.edu
Wed Jun 10 12:02:03 EDT 2009


This works in our environment by doing the following:

On the server:
1) Go to: Control Panel -> System -> Remote tab
2) Check "Enable Remote Desktop on the Computer"
3) Click select remote users
4) Enter usernames to RDP in there.

The usernames entered there aren't domain admins and they aren't 
members of the Remote Desktop Operators group.

Hope this helps. :)


-------------------
Aaron Bednar
Tech Support Specialist
Academic Affairs Library
UNC-Chapel Hill, CB 3922
(919) 843-5352
-------------------


Quoting Matt Pusateri <mpusateri at wickedtrails.com>:

> And beat your head against the wall right?  I'm pretty sure you can't 
>  admin an AD box without the obligatory head banging :)   My  
> condolences and or apologies to anyone who has to admin Windows for a 
>  living.
>
> Matt P.
> (Life's too short to be a Windows admin)
>
> On Jun 10, 2009, at 11:45 AM, <OlsonE at aosa.army.mil> 
> <OlsonE at aosa.army.mil > wrote:
>
>> I'm guessing you've already enabled RDP on the server?
>>
>> -----Original Message-----
>> From: trilug-bounces at trilug.org [mailto:trilug-bounces at trilug.org]  
>> On Behalf Of John Berninger
>> Sent: Wednesday, June 10, 2009 10:46 AM
>> To: Internetworkers: http://www.ibiblio.org/internetworkers/;  
>> Triangle Linux Users Group General Discussion
>> Subject: [TriLUG] Windows / Active Directory help needed
>>
>> Apologies in advance for any duplicates as a result of cross-posting  to
>> internetworkers and trilug.
>>
>> I'm a Linux guy, and I'm having to figure out how to make AD in Win2k3
>> work.  So far, I've gotten far enough to have the domain up and  running,
>> users are being authenticated properly, I can add computers to the
>> domain, etc...
>>
>> What I can't do is figure out how to allow a given user (let's call  the
>> user "joe") to RDP into a member server without giving joe Domain  Admin
>> rights.  I have added joe to the Remote Desktop Users group in AD
>> (DOMAIN/Builtin), I have moved the computer to a new OU and given that
>> OU a Group Policy that gives Remote Desktop Operators the following  privs:
>> - Allow log on on Locally
>> - Access this computer from the network
>> - Allow log on through Terminal Services
>>
>> What am I missing?
>>
>> -- 
>> John
>>
>> Dovei'andi se tovya sagain.
>>
>> --
>> TriLUG mailing list        : http://www.trilug.org/mailman/listinfo/trilug
>> TriLUG FAQ  : http://www.trilug.org/wiki/Frequently_Asked_Questions
>> --
>> TriLUG mailing list        : http://www.trilug.org/mailman/listinfo/trilug
>> TriLUG FAQ  : http://www.trilug.org/wiki/Frequently_Asked_Questions
>
> --
> TriLUG mailing list        : http://www.trilug.org/mailman/listinfo/trilug
> TriLUG FAQ  : http://www.trilug.org/wiki/Frequently_Asked_Questions
>





More information about the TriLUG mailing list