RE: [ActiveDir] Remote Desktop Issue

[Michael B. Smith]

Doesn't local "Administrators" by default include "Domain Admins" but not "Enterprise Admins"? -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]On Behalf Of Daniel Gilbert Sent: Saturday, March 27, 2004 11:39 PM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] Remote Desktop Issue Nothing appeared in the event logs.  I was able to clear up the problem.  Do know why this worked but here is what I did:   Added the new Enterprise Admin to the Remote Desktop tab in SYSTEM properties.  Let him log in successfully, had him log off, removed him from Remote Desktop tab, had him log in again.   I know, everyone is saying, “Wait a minute! If the Remote Desktop tab is empty then Administrators can log in by default”  Yep, I totally agree.  Don’t understand why this worked but it did.   BTW Joe, great write up on DEC.  I was supposed to attend but we started a big Windows 2003 migration and I happen to have the last Rubber Chicken Gil ever gave out at a DEC, got it in Ottawa.   DAn   From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of joe Sent: Saturday, March 27, 2004 7:47 PM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] Remote Desktop Issue   That almost sounds like a disk space or permissions issue... I.E. it is trying to create the local profile, failing, and blowing the user off. Anything in the event logs?    joe   ------------- http://www.joeware.net   (download joeware) http://www.cafeshops.com/joewarenet  (wear joeware)         From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Daniel L. Gilbert Sent: Friday, March 26, 2004 12:48 AM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] Remote Desktop Issue No error message.  He gets the logon prompt, logs on, the screen flashes “applying settings” then the terminal session screen closes out.   Really weird.   Dan   From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Tim Hines Sent: Thursday, March 25, 2004 12:35 PM To: [EMAIL PROTECTED] Subject: Re: [ActiveDir] Remote Desktop Issue   What error does he get when trying to connect using a terminal session?   ----- Original Message ----- From: Gilbert, Daniel L Mr ANOSC/FCBS To: ActiveDir ([EMAIL PROTECTED]) Sent: Thursday, March 25, 2004 1:58 PM Subject: [ActiveDir] Remote Desktop Issue   To All:   I have a Remote Desktop issue that is driving me nuts.  Servers are Windows Server 2003.   I have a root domain spread across to two different sites, both physically (East Coast and West Coast) and AD wise (AD East and AD West).   My two Enterprise Admins are members of a child domain (Child1) and through security group membership; they are placed into the Enterprise Admins security group in the root domain.   This structure has worked fine for the last year.  One of the Enterprise Admins has moved on to a bigger and better job and I promoted one of my Senior Admins to become a new Enterprise Admin.   Now the fun part begins.   The new Enterprise Admin can log on locally to the root DCs in the physical site West Coast (the bulk of the root is here) from either the keyboard or via Remote Desktop.   The new Enterprise Admin can log on locally to the root DCs in the physical site East Coast (our COOP site) from the keyboard but he can not log in via Remote Desktop.   I am sure his account has replicated from West Coast to East Coast because he can log on from the keyboard and I have waited long enough for replication to occur.   I checked the permissions on the RDP connection but it still at default.   Any ideas where I can go for a clue?  My head is getting squishy from beating it against the wall.   Daniel L. Gilbert, Contractor Senior Active Directory Specialist CONUS Theater Network Operations and Security Center (CONUS-TNOSC) (520) 533-6700 DSN: 821-6700 [EMAIL PROTECTED]