How to allow active directory users to remote desktop in?

This is my first time setting up or even using active directory.

I set it up, and added the computers(Actually VMs in Hyper V) to the active directory, and if if I use hyper-V to connect to the VMs, I am able to use users from the active directory domain to login to the VMs.

However, if I try to login via remote desktop, I get this error:

The connection was denied because the user account is not authorized for remote login.

I have tried:
- From within active directory, i have added the group that my user is in to Remote Desktop users.
- On the VM itself, adding the active directory group(that contains the user I am trying to login with) to Allow log on through Remote Desktop Services in Local Security Policy.

I still have the same authorization denied error.

How do I properly setup a group in active directory to be able to login with remote desktop on all of my Virtual Machines?

Thanks!


Solution 1:

  1. Start → Run → secpol.msc

    Security Settings\Local Policies\User Rights Assignment

    Right pane → double-click on Allow log on through Remote Desktop Services → Add Users or Group → enter Remote Desktop Users

  2. Start → Run → services.msc

    Look for Remote Desktop Services and make sure the Log on account is Network Service, not Local System.

  3. Check your event logs.

Solution 2:

Add the users in question to the Remote Desktop Users group on each local machine.

Solution 3:

I think i found the solution to this problem.

Open this in the workstation where you want to connect, Control Panel\System and Security\System, click Advance System Settings. On the Remote tab, on the Remote Desktop group, click the button Select Users...

Click Add and add the user that you want to have access. If you are using AD, make sure you can ping the domain. Always click Check Names, to make sure that the user you are adding are correct. ex: [email protected].