Announcement

Collapse
No announcement yet.

Access denied when using RDP

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Access denied when using RDP

    When domain users are trying to login to the server via RDP (this is a DC by the way) they are getting Access Denied when they hit the server, followed by a OK box. These users have been able to login before as normal.

    I've made the adjustments in the Local Security policy, allowing terminal services login for Remote Desktop Users (and all users have been put into that group as well). I also modified the Default Domain Policy, and made sure Terminal Services connections are enabled under Administrative Templates/Windows Components/Terminal Services/Connections.

    RDP has been enabled through Remote desktop tab on my computer, obviously.

    Anything else I could be missing at this point?

    Thanks!

    Pritesh

  • #2
    Re: Access denied when using RDP

    Errrr in the first place, why on earth would you allow your users to login into your DC???
    Marcel
    Technical Consultant
    Netherlands
    http://www.phetios.com
    http://blog.nessus.nl

    MCITP(EA, SA), MCSA/E 2003:Security, CCNA, SNAF, DCUCI, CCSA/E/E+ (R60), VCP4/5, NCDA, NCIE - SAN, NCIE - BR, EMCPE
    "No matter how secure, there is always the human factor."

    "Enjoy life today, tomorrow may never come."
    "If you're going through hell, keep going. ~Winston Churchill"

    Comment


    • #3
      Re: Access denied when using RDP

      Yeah, I know it's a security breach, but resources are limited. Plus this isn't really a production machine, so not too worried about it at this point. Thanks for the concern, it's definitely appreciated.

      Pritesh

      Comment


      • #4
        Re: Access denied when using RDP

        Ok... Anyway check your domain controller policies.
        Marcel
        Technical Consultant
        Netherlands
        http://www.phetios.com
        http://blog.nessus.nl

        MCITP(EA, SA), MCSA/E 2003:Security, CCNA, SNAF, DCUCI, CCSA/E/E+ (R60), VCP4/5, NCDA, NCIE - SAN, NCIE - BR, EMCPE
        "No matter how secure, there is always the human factor."

        "Enjoy life today, tomorrow may never come."
        "If you're going through hell, keep going. ~Winston Churchill"

        Comment


        • #5
          Re: Access denied when using RDP

          Already checked it, looks fine to me. User rights assignment has been set correctly to allow only users in Remote Desktop Users access.

          Pritesh

          Comment


          • #6
            Re: Access denied when using RDP

            Check Task Manager, User tab and see how many connections are being used.
            1 1 was a racehorse.
            2 2 was 1 2.
            1 1 1 1 race 1 day,
            2 2 1 1 2

            Comment


            • #7
              Re: Access denied when using RDP

              None at this time, and none are when I try to RDP in and none when I get the error

              Pritesh

              Comment


              • #8
                Re: Access denied when using RDP

                Check to see if any local profiles have been created on the DC. If you see profiles for the users that have attempted to log in, delete them all and try again. In fact, nuke all local profiles on the DC anyway. I heard that someone resolved this issue by doing that. apparently it was a corrupted profile issue.
                Wesley David
                LinkedIn | Careers 2.0
                -------------------------------
                Microsoft Certifications: MCSE 2003 | MCSA:Messaging 2003 | MCITP:EA, SA, EST | MCTS: a'plenty | MCDST
                Vendor Neutral Certifications: CWNA
                Blog: www.TheNubbyAdmin.com || Twitter: @Nonapeptide || GTalk, Reader and Google+: [email protected] || Skype: Wesley.Nonapeptide
                Goofy kitten avatar photo from Troy Snow: flickr.com/photos/troysnow/

                Comment


                • #9
                  Re: Access denied when using RDP

                  Deleted all profiles, and when using my personal account, couldn't login in. Got the same error. When trying to login locally (console, in front of the machine) I got
                  You cannot log on because the logon method you are using is not allowed on this computer. Please see your network administrator for more information

                  Something else is definitely going on here. I was able to login as the Administrator locally without a problem.

                  Thanks

                  Pritesh

                  Comment


                  • #10
                    Re: Access denied when using RDP

                    Can you connect to this computer using Computer Management from another machine? How about ADUC or GPMC? Can you connect to any shared folders? Admin shares? Is there any authentication scheme that is being accepted at all?

                    More importantly, is there a second domain controller?

                    EDIT: Is there a firewall on the DC and if so, what kind? Built in Windows firewall or something like Norton?
                    Wesley David
                    LinkedIn | Careers 2.0
                    -------------------------------
                    Microsoft Certifications: MCSE 2003 | MCSA:Messaging 2003 | MCITP:EA, SA, EST | MCTS: a'plenty | MCDST
                    Vendor Neutral Certifications: CWNA
                    Blog: www.TheNubbyAdmin.com || Twitter: @Nonapeptide || GTalk, Reader and Google+: [email protected] || Skype: Wesley.Nonapeptide
                    Goofy kitten avatar photo from Troy Snow: flickr.com/photos/troysnow/

                    Comment


                    • #11
                      Re: Access denied when using RDP

                      Haven't tried via Computer Management or anything else. File sharing is fine. There is no secondary DC, and the firewall is the Windows Firewall. Username/password authentication to network drives is functioning normally at this point.

                      Thanks

                      Pritesh

                      Comment


                      • #12
                        Re: Access denied when using RDP

                        Originally posted by siliconvalley785 View Post
                        Haven't tried via Computer Management or anything else. File sharing is fine. There is no secondary DC, and the firewall is the Windows Firewall. Username/password authentication to network drives is functioning normally at this point.
                        Just for the future, you may want to get a secondary DC in there. Either that or make sure you've got really good backups and know how to restore it in a snap. But anyway...

                        I've heard of Norton firewall blocking authentication ports and causing an issue like this. If you can, go into Computer Management on another computer and see if you can view the DC's event logs for anything interesting. Have you tried just rebooting the DC? When in doubt, reboot.
                        Wesley David
                        LinkedIn | Careers 2.0
                        -------------------------------
                        Microsoft Certifications: MCSE 2003 | MCSA:Messaging 2003 | MCITP:EA, SA, EST | MCTS: a'plenty | MCDST
                        Vendor Neutral Certifications: CWNA
                        Blog: www.TheNubbyAdmin.com || Twitter: @Nonapeptide || GTalk, Reader and Google+: [email protected] || Skype: Wesley.Nonapeptide
                        Goofy kitten avatar photo from Troy Snow: flickr.com/photos/troysnow/

                        Comment


                        • #13
                          Re: Access denied when using RDP

                          When trying to get into Event Viewer from the other computer (off domain), the machine comes back saying the RPC Service is unavailable. I"m restarting now, because when I tried to logon locally as the Admin the machine is hanging at "Please wait for the User Profile Service". I"m pretty sure RPC services are working, but we'll recheck when I log in again.

                          Pritesh

                          EDIT: under a machine logged on as Administrator (for the domain), I am able to view Event Viewer/Computer Management.
                          Last edited by siliconvalley785; 8th April 2010, 02:37.

                          Comment


                          • #14
                            Re: Access denied when using RDP

                            May have missed this during the read, but is the Router forwarding 3389 to the correct machine?
                            Have the Users got the correct IP?
                            Is this access Internal or External from the site? Are you trying to RDP from home?
                            Have you tried using an Administrator account?
                            Have you installed any software/anti virus on the target Server that has a firewall? ZoneAlarms, Norton A/V, CA, MacAffee etc?
                            1 1 was a racehorse.
                            2 2 was 1 2.
                            1 1 1 1 race 1 day,
                            2 2 1 1 2

                            Comment


                            • #15
                              Re: Access denied when using RDP

                              All of that is set correctly and was working just fine before this incident. I'm trying to make to RDP works internally before making it external. Ports are fine, IP is correct, tried using Administrator account with no success. Only virus software that is on there is McAfee Virus Scan Enterprise 8.7i, and that's never presented a problem before.

                              Pritesh

                              Comment

                              Working...
                              X