Check the Group Policies assigned to the
terminal server. Under Computer Configuration>Windows
Settings>Security Settings>Local Policies>User Rights Assignments, look
for “Allow Logon through Terminal Services”. This user was
probably added here. If you add a username to any of the
Windows Settings policies in a GPO, and the username changes, then you have to
go back and change it manually. It is not automatically updated like most
of the rest of AD. I would recommend using security groups instead of
users here for this reason. The group name is less likely to
change. Kevin From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On
Behalf Of Ramon Linan Hi, I have a user who got marry (changed her
last name) so I had to change her login username, email, etc. Since I did that, she has not been able to
log on to a server (DC) using remote desktop connection, I checked and she has
the right permissions to use terminal services, etc. What is the best way to troubleshoot this? I am getting this log in the event log Logon Failure: Reason: The user has not been granted the requested logon type at this machine User Name: <username> Domain: <domain name> Logon Type: 10 Logon Process: User32 Authentication Package: Negotiate Workstation Name: <servername> For more information, see Help and Thanks all |
- [ActiveDir] AD Security Group Information Frank Abagnale
- RE: [ActiveDir] AD Security Group Information Thommes, Michael M.
- [ActiveDir] Problem driving me crazy Ramon Linan
- RE: [ActiveDir] Problem driving me c... Kevin Brunson
- RE: [ActiveDir] Problem driving m... Ramon Linan
- RE: [ActiveDir] Problem driving me cr... Vinnie Cardona
- [ActiveDir] RPC error when trying... Washington, Booker
- RE: [ActiveDir] AD Security Group Informa... joe
- RE: [ActiveDir] AD Security Group Information neil.ruston
- RE: [ActiveDir] AD Security Group Information Almeida Pinto, Jorge de