Error DataBase-One Place all Solutions Forums Blog Glossary    Contact Us
Search  
   
Browse by Category
Error DataBase-One Place all Solutions
 Business Desktop Deployment (BDD) 2007
 Citrix
 DataBase
 Drivers
 Microsoft Exchange Server
 Mobile Junction
 Operating Systems
 Solaris Opearting System (OS)
 Windows Operating Systems
 MS DOS
 Windows 2000
 Windows 2003
 Windows Scripts and Batch Files
 Windows Server 2008
 Windows VISTA
 Windows XP
 Technical vocabulary
 Virtualization
 WebMaster
Error DataBase-One Place all Solutions .: Operating Systems .: Windows Operating Systems .: Windows 2003 .: How to : Enabling users to connect remotely to the server

How to : Enabling users to connect remotely to the server

To enable users to connect remotely to a terminal server, you must ensure that:

Remote Desktop is enabled on the server. For instructions on how to enable Remote Desktop

Using Group Policies (best practice)

1.

Open Group Policy.

2.

In Computer Configuration, Administrative Templates, Windows Components, Terminal Services, double-click the Allows users to connect remotely using Terminal Services setting.

3.

Do one of the following:

To enable Remote Desktop, click Enabled.

To disable Remote Desktop, click Disabled.

If you disable Remote Desktop while users are connected to the target computers, the computers maintain their current connections, but will not accept any new incoming connections.

Users have the appropriate rights and permissions to log on remotely to the server.

To perform these two tasks, you must be logged on as a member of the Administrators group

Using the Remote Desktop Users group to grant access to a terminal server

You can easily manage permissions and rights for a terminal server on a per-computer basis, by using the Remote Desktop Users group. The Remote Desktop Users group is one of the built-in users groups available when you install one of the Windows Server 2003 operating systems. Members of this group are able to log on remotely to a terminal server on which Remote Desktop is enabled.

By default, the Remote Desktop Users group is not populated. Therefore, you must decide which users and groups should have access to log on remotely to a terminal server, and then add them to this group. For instructions on how to add users to the Remote Desktop Users group

To add users to the Remote Desktop Users group

1.

Open Computer Management.

2.

In the console tree, click the Local Users and Groups node.

3.

In the details pane, double-click the Groups folder.

4.

Double-click Remote Desktop Users, and then click Add....

5.

On the Select Users dialog box, click Locations... to specify the search location.

6.

Click Object Types... to specify the types of objects you want to search for.

7.

Type the name you want to add in the Enter the object names to select (examples): box.

8.

Click Check Names.

9.

When the name is located, click OK.

Notes

By default, the Remote Desktop Users group is not populated. You must decide which users and groups should have permission to log on remotely, and then manually add them to the group.

To open Computer Management, click Start, click Control Panel, double-click Administrative Tools, and then double-click Computer Management.

It is highly recommended that you use the Remote Desktop Users group to grant individuals access to terminal servers, rather than assigning the required permissions manually

Caution

If you alter the default permissions on the Remote Desktop Users group or remove this group, members of this group might lose the ability to log on remotely to terminal servers.

Assigning Permissions Manually

In some cases, it might be necessary to manage access to a terminal server on a per-connection basis and to manually customize rights and permissions. Keep in mind that if you do not use the Remote Desktop Users group to grant users access to log on to a terminal server, you must assign those users the same rights and permissions manually. The required rights and permissions are as follows:

Right or permission  : Comments

Allow log on through Terminal Services

This right determines which users or groups have permission to log on as a Terminal Services client.

Configure by navigating to Computer Configuration\Windows Settings\Security Settings\Local Policies\User Rights Assignment\.

For configuration instructions, see Edit security settings on a Group Policy object .

User Access :

This permission type grants the following special permissions: Query Information, Logon, and Connect. These special permissions allow a user to:

Log on to a session on the terminal server.

Query information about a session.

Send messages to other user sessions.

Connect to another session.

Configure by using Terminal Services Configuration.

For configuration instructions, see Change the permissions a user or group has to a connection .

You can also explicitly deny an individual user access to a terminal server by modifying that user's terminal server profile. Doing this is useful if you have granted a large group access to a terminal server, but want to make individual exceptions as needed
Article 1273
Created 2-21-2008
Author Lucki
Rating (None)

How helpful was this article to you?

Related Articles

article How to Remotely manage Windows 2008 Server Core Firewall
As you already know by now, in Windows...
(No rating)  3-26-2008    Views: 173   
article How to Remotely Manage Devices in Windows 2008 Server Core
Server Core installation provides a minimal...
(No rating)  3-26-2008    Views: 193   
article How to Remotely Administer Internet Information Services in Windows Server 2003
SUMMARY This article describes the various...
(No rating)  5-20-2008    Views: 144   

User Comments

Add Comment
No comments have been posted.