RE: [ActiveDir] Remote Desktop Issue

[Fugleberg, David A]

Joe - Re your DEC writeup,  I grabbed an extra copy of Stuart's survey to show the folks back home, so if you want the complete thing I've got it - I don't know if anybody would be opposed to my posting it here or not... (Stuart ? Gil ? Anyone?)   It was good to meet you and your manager at DEC - as I told you there, I appreciate your 'rants'  on this list and always learn something.   Oh and by the way...I have one of the last of Gil's rubber chickens, bestowed upon me at DEC 2003 in Scottsdale...it's hanging right here in my cube (rub, rub, rub)   Dave -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]On Behalf Of joe Sent: Sunday, March 28, 2004 8:07 AM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] Remote Desktop Issue Ok that does seem weird. I am going to try and forget I read that as it doesn't agree with my world view... <eg> [1]   No problem on the DEC writeup, I hope Gil wakes up and comes on here and does a more detailed (corrected) write up.   As for the rubber chicken... how come everyone has to rub that in...  :o)         [1] That of course is a joke. If I didn't remember the silly things like that my Windows knowledge would be only about 80% of what it is as those weird things are worth remembering because you never know when you can apply it to some other problem and it will solve that too. An example was a problem where the logon process was giving workstations an FQDN for the logon script and the clients were chopping that down to a single host name and using WINS to do the resolution. Well in our environment only data center DCs are listed in all WINS servers so when a client decided to choose a remote WAN DC it never got logon scripts... Well when we were playing with something in Exchange trying to install something or another we ran into a problem and that client issue seemed to be very similar so we did a network trace and voila, sure enough... The exchange server was given an FQDN and was chopping it down to a short host name and not able to resolve it that way... Actually I just recently saw that MS put out a KB Article on Exchange 2000's need for WINS...   ------------- http://www.joeware.net   (download joeware) http://www.cafeshops.com/joewarenet  (wear joeware)       From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Daniel Gilbert Sent: Saturday, March 27, 2004 11:39 PM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] Remote Desktop Issue Nothing appeared in the event logs.  I was able to clear up the problem.  Do know why this worked but here is what I did:   Added the new Enterprise Admin to the Remote Desktop tab in SYSTEM properties.  Let him log in successfully, had him log off, removed him from Remote Desktop tab, had him log in again.   I know, everyone is saying, “Wait a minute! If the Remote Desktop tab is empty then Administrators can log in by default”  Yep, I totally agree.  Don’t understand why this worked but it did.   BTW Joe, great write up on DEC.  I was supposed to attend but we started a big Windows 2003 migration and I happen to have the last Rubber Chicken Gil ever gave out at a DEC, got it in Ottawa.   DAn   From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of joe Sent: Saturday, March 27, 2004 7:47 PM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] Remote Desktop Issue   That almost sounds like a disk space or permissions issue... I.E. it is trying to create the local profile, failing, and blowing the user off. Anything in the event logs?    joe   ------------- http://www.joeware.net   (download joeware) http://www.cafeshops.com/joewarenet  (wear joeware)         From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Daniel L. Gilbert Sent: Friday, March 26, 2004 12:48 AM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] Remote Desktop Issue No error message.  He gets the logon prompt, logs on, the screen flashes “applying settings” then the terminal session screen closes out.   Really weird.   Dan   From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Tim Hines Sent: Thursday, March 25, 2004 12:35 PM To: [EMAIL PROTECTED] Subject: Re: [ActiveDir] Remote Desktop Issue   What error does he get when trying to connect using a terminal session?   ----- Original Message ----- From: Gilbert, Daniel L Mr ANOSC/FCBS To: ActiveDir ([EMAIL PROTECTED]) Sent: Thursday, March 25, 2004 1:58 PM Subject: [ActiveDir] Remote Desktop Issue   To All:   I have a Remote Desktop issue that is driving me nuts.  Servers are Windows Server 2003.   I have a root domain spread across to two different sites, both physically (East Coast and West Coast) and AD wise (AD East and AD West).   My two Enterprise Admins are members of a child domain (Child1) and through security group membership; they are placed into the Enterprise Admins security group in the root domain.   This structure has worked fine for the last year.  One of the Enterprise Admins has moved on to a bigger and better job and I promoted one of my Senior Admins to become a new Enterprise Admin.   Now the fun part begins.   The new Enterprise Admin can log on locally to the root DCs in the physical site West Coast (the bulk of the root is here) from either the keyboard or via Remote Desktop.   The new Enterprise Admin can log on locally to the root DCs in the physical site East Coast (our COOP site) from the keyboard but he can not log in via Remote Desktop.   I am sure his account has replicated from West Coast to East Coast because he can log on from the keyboard and I have waited long enough for replication to occur.   I checked the permissions on the RDP connection but it still at default.   Any ideas where I can go for a clue?  My head is getting squishy from beating it against the wall.   Daniel L. Gilbert, Contractor Senior Active Directory Specialist CONUS Theater Network Operations and Security Center (CONUS-TNOSC) (520) 533-6700 DSN: 821-6700 [EMAIL PROTECTED]