Follow

Users cannot remotely connect to a domain controller that is protected with the Windows Logon Agent via RDP

Issue

Users who do not have the "Log On Locally" right cannot remotely connect to a computer that is protected with the Windows Logon Agent via RDP, even if they have the correct permissions for a network logon.

Cause

The Windows Logon Agent and Windows Credential Provider handles remote connections to a domain controller as a local logon process. Whether a session is local or remote, it will require local connection privileges.

Resolution 

  1. Assign the user the "Log On Locally" right using Group Policy, or add them to a group that has that right. Instructions on doing this are available here: (Server 2003) http://technet.microsoft.com/en-us/library/cc756809(WS.10).aspx (Server 2008) http://technet.microsoft.com/en-us/library/ee957044(v=ws.10).aspx.
  2. Run "gpupdate /force".
  3. Reboot the Domain Controller.


Affects

Windows Logon Agent and Windows Credential Provider

Questions?

If you have any questions or need some help, we would be happy to assist. Open a case at help.scorpionsoft.com or send an email to support@scorpionsoft.com.

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request

Comments

Powered by Zendesk