2
I have two Windows 7 computers on a network, a desktop and laptop. I am trying to connect to the desktop via RDP from the laptop. I enter all the necessary information to connect and it fails to login, yielding the message:
To log on to this remote computer, you must be granted the Allow log on through Terminal Services right. By default, members of the Remote Desktop Users group have this right. If you are not a member of the Remote Desktop Users group or another group that has this right, or if the Remote Desktop Users group does not have this right, you must be granted this right manually.
However, the user I am trying to log in as is a member of the "Remote Desktop Users" group and the "Administrators" group. Both groups are given the "Allow logon through Remote Desktop Services" right. I even tried directly giving the user the "Allow logon through Remote Desktop Services" right. I still encounter the message and cannot log in. I have also tried running gpupdate and restarting N+1 times to no avail.
Why would the RDP service be giving that message if the user in question has the proper rights? How would I go about fixing this? And if it is not an obvious fix, how would I go about gathering more information?
ktb
Posted 2017-06-02T04:21:54.777
Reputation: 133
Yeah.. that was the first google result. That policy is already in place. – ktb – 2017-06-02T04:42:35.197
1
Worth checking :) How about this suggestion of checking that the user (or group) is not explicitly denied: https://serverfault.com/a/680708/204674 ?
– pcdev – 2017-06-02T04:47:47.997You've got to be kidding me... There are both Allow and Deny, and the sets are not mutually exclusive... That was the issue. Write it up and I'll mark it correct. Not sure how that rule got there; it's not a standard generated rule. – ktb – 2017-06-02T05:05:18.700