[gptalk] Re: Unable to RDP to DC's

  • From: "Jason Williams" <jasonwilliams74@xxxxxxxxx>
  • To: gptalk@xxxxxxxxxxxxx
  • Date: Thu, 18 Oct 2007 09:31:47 -0700

Hi Darren,

I have some very odd things that are happening that are making me nervous. I
am not sure why some of things are occuring, but on edge now.

For instance, I was able to fix connecting to my DC's via RDP. BUT, I still
cannot logon at the console.
Also, i tried to install the GPMC on one of my DC's that did not have it and
I get denied. Message is "The system administrator has set policies to
prevent this installation."
I have tried to open up the "Group Policy Object Editor" on one of my DC's
and I get access denied, which makes no sense because I am using a domain
admin account.

Im a little flustered right now and very nervous.
Any suggestions?

Thanks.

Jason


On 10/18/07, Darren Mar-Elia <darren@xxxxxxxxxx> wrote:
>
>  Jason-
>
> What does GPResults tell you that the effective policy is on a DC? Are you
> sure no changes were made to the GPO linked to the DCs OU? GPMC will tell
> you the Last Modified date on a GPO.
>
>
>
> Darren
>
>
>
> *From:* gptalk-bounce@xxxxxxxxxxxxx [mailto:gptalk-bounce@xxxxxxxxxxxxx] *On
> Behalf Of *Jason Williams
> *Sent:* Thursday, October 18, 2007 8:52 AM
> *To:* gptalk@xxxxxxxxxxxxx
> *Subject:* [gptalk] Unable to RDP to DC's
>
>
>
> Hello everyone.
>
> Have a great thing happening this morning that I am still trying to track
> down the cause of.
>
>
>
> I came in this morning and a collegue told me he is unable to RDP to any
> of our DC's in our company. I confirmed this and receive the following
> message when trying to do so:
>
> Funny thing is, this was working recently so I need to find out what
> changed.
>
>
>
> "To log on to this remote compuer, you must be granted the Allow log on
> Through Terminal Services right. By default, members of the Remote Desktop
> users group have this right. If youa re not a member of the RDP Group or
> another group that has this right, or if the RDP group does have this right,
> you must be granted this right manually."
>
>
>
> I am part of the RDP group.
>
> I do have a Group policy that does allow RDP to the machine as well as
> "Allow log on through Terminal Services" (with the RDP Group defined.)
>
>
>
> Now, the real kicker is I can not even log on locally to the DC. I get a
> message saying that my policy does not allow this.
>
>
>
>
> SO its a great Thursday morning already. Just thought i'd ask for
> suggestions here.
>
>
> I can log into my Exchange and SQL servers no problem. So I figure it is
> something with GP on the DC OU.
>
>
> Any suggestions?
>
>
>
> I appreciat it.
>
>
> Jas
>

Other related posts: