O
Ole Weigelt
Guest
Hi everybody,
I have installed two Servers with Server 2008 (I have installed the German
Version, please excuse wrong wording):
S1: Roles: AD and TS-License-Server, not activated, in AD one OU, GPO active
S2: Roles: TS-Application-Server, per-User-Licensing
S2 finds S1 as License-Server, states correctly that it is not activated and
no licenses are installed.
Online help says that activation is only necessary after many (120?) days.
thus it should work that way.
S2 is in the domain which is controlled by S1.
I can log on as Administrator on S1 and S2 via RDP. If I create a new user,
I always get the message: Your right to log on interactively has been
deactivated (Ihr Recht zur interaktiven Anmeldung wurde dekativiert). I have
done everything I kew to get rid of that message.
I have
1. added the user to the AD-Group 'Remote Desktop users'
(Remotedesktopbenutzer)
2. checked the box 'accept TS logon' (TS-Anmeldung zulassen) in the user's
profile
3. added the user to the local user group 'Remote Desktop users'
(Remotedesktopbenutzer) on S2
4. added the user in the GPO setting for the OU at the setting 'Allow logon
to TS' (Anmeldung am TS zulassen'
5.added the user in the Default Domain Policy at the setting 'Allow logon to
TS' (Anmeldung am TS zulassen'
6. on S2 added the user in Terminal Server Configuration in RDP Setting on
the tab 'Security'
7. browsed through Vera Noest's Website where many solutions are right at
hand. I have found the message and read MSKB 815266, but this seems only to
apply to Server 2003. I have even tried to change the described registry
setting, but nothing happens. I don't think that a 2003 patch would do any
good to my server.
Nothing I have tried so far led to any success. Does anybody have an idea
for my problem or is there a HOWTO on setting up Terminal Services with the
appropriate security settings anywhere?
Thank you for your time
Ole
--
_________
Ole Weigelt, OfficeWorks GmbH & Co. KG
I have installed two Servers with Server 2008 (I have installed the German
Version, please excuse wrong wording):
S1: Roles: AD and TS-License-Server, not activated, in AD one OU, GPO active
S2: Roles: TS-Application-Server, per-User-Licensing
S2 finds S1 as License-Server, states correctly that it is not activated and
no licenses are installed.
Online help says that activation is only necessary after many (120?) days.
thus it should work that way.
S2 is in the domain which is controlled by S1.
I can log on as Administrator on S1 and S2 via RDP. If I create a new user,
I always get the message: Your right to log on interactively has been
deactivated (Ihr Recht zur interaktiven Anmeldung wurde dekativiert). I have
done everything I kew to get rid of that message.
I have
1. added the user to the AD-Group 'Remote Desktop users'
(Remotedesktopbenutzer)
2. checked the box 'accept TS logon' (TS-Anmeldung zulassen) in the user's
profile
3. added the user to the local user group 'Remote Desktop users'
(Remotedesktopbenutzer) on S2
4. added the user in the GPO setting for the OU at the setting 'Allow logon
to TS' (Anmeldung am TS zulassen'
5.added the user in the Default Domain Policy at the setting 'Allow logon to
TS' (Anmeldung am TS zulassen'
6. on S2 added the user in Terminal Server Configuration in RDP Setting on
the tab 'Security'
7. browsed through Vera Noest's Website where many solutions are right at
hand. I have found the message and read MSKB 815266, but this seems only to
apply to Server 2003. I have even tried to change the described registry
setting, but nothing happens. I don't think that a 2003 patch would do any
good to my server.
Nothing I have tried so far led to any success. Does anybody have an idea
for my problem or is there a HOWTO on setting up Terminal Services with the
appropriate security settings anywhere?
Thank you for your time
Ole
--
_________
Ole Weigelt, OfficeWorks GmbH & Co. KG