On a specific machine/server
¬ Start , Run , type secpol.msc.
¬ In the left side pane of the mmc, navigate to Security Settings>Local Policies>User Rights Assignment
¬ In the right side pane double-click on Allow log on through Remote Desktop Services
¬ Click on add users or groups
¬ Enter Remote Desktop Users
¬ Finally, click OK to save
Now any user who is a member of the Remote Desktop Users group will be able to successfully remote into the server/machine
On a number of machines via Group Policy
The above mentioned setting is one which can also be applied through Group Policy if there are multiple machines/servers you wish to allow certain users/security groups to RDP into. The setting which needs to be changed in the group policy is found here:
Computer Configuration>Policies>Windows Settings>Local Policies>User Rights Assignment>Allow Log on through Terminal Services
Double click on the Allow Log on through Terminal Services policy and then user the "Add User or Group..." button to add the Remote Desktop User group into the policy. Click Apply and then OK to save your settings.
Now any user/security group that is a member of the Remote Desktop Users group will be able to successfully remote into any of the servers/machines the group policy applies to
No comments:
Post a Comment