Clicky

My environment,
WIndows 2000 SP4 DC
I added a second DC WIndows 2008 R2
Everything went fine, ADPREP, DCPROMO, no replication errors, no DNS errors, no FRS errors
5 FSMO roles are still on the 2000 DC but will be soon moved to the 2008 DC

I just installed RDS services on the 2008 DC

I can open RDS session only with users with administrator rights
Regular user cannot open RDS session
(it tells me that this user account is not authorized to open a remote desktop session)

The problem is that the group "Remote Desktop Users" does not exist in AD !!!!! Very strange...

I know it is not recommended for security reasons to add RDS services to a DC but I must do that way. And now I must find a way to open RDS session for regular (not administrator) users

Thank you for your help

asked 10/31/2011 04:39

gadsad's gravatar image

gadsad ♦♦


8 Answers:
what is you domain functional level?
link

answered

elawad's gravatar image

elawad

Windows 2000 native

5 FSMO roles are on the 2000 DC

ALso I noticed that many buit-in groups are missing in AD in the buit-il container
- remote desktop users group
- TS servers licencin g group
link

answered 2011-11-01 at 00:13:50

gadsad's gravatar image

gadsad

is it possible to raise the domain functional level to 2003 and try searching again for the needed groups.
link

answered 2011-11-01 at 01:11:38

elawad's gravatar image

elawad

No I cannot since I have a 2000 DC with all 5 FSMO roles
link

answered 2011-11-01 at 01:31:39

gadsad's gravatar image

gadsad

but are you planning to transfer the FSMO roles to the new windows server 2008 DC?
link

answered 2011-11-01 at 01:44:02

elawad's gravatar image

elawad

Yes I am planning to do that
Do you think that is my problem ?
link

answered 2011-11-01 at 01:54:54

gadsad's gravatar image

gadsad

well it could be related to this issue, but to narrow down the possibilities we need to try this first if you dont have applications that are not going to work with 2003 domain functional level.
link

answered 2011-11-01 at 02:06:38

elawad's gravatar image

elawad

Yes It was related to FSMO roles. I transfert all 5 roles from the 2K to the 2K8 server and the problem was solved immediately

Thank you for your help
link

answered 2011-11-01 at 02:12:46

gadsad's gravatar image

gadsad

Your answer
[hide preview]

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here

By RSS:

Answers

Answers and Comments

Tags:

×1

Asked: 10/31/2011 04:39

Seen: 303 times

Last updated: 11/04/2011 11:17