I was working on a 2003 server and needed to give remote access to users that are not administrators on the server. This was not a terminal server. I added them to the Remote Desktop Users group but they could not logon. When trying to log on as one of the users It gave a message saying the user did not have permission for remote access. To get around this I created a security group called RDPUSERS in AD and gave that group terminal services access to the server in group policy. Here are the steps:
- Go to Active Directory and create a security group. Call it whatever you want
- Add all of the non-administrative users you want to have remote access to this group
- Go to start run and tpye gpedit.msc
- On the left pane of the window, expand Computer Configuration>> expand Windows settings>>expand Security Settings>>expan Local policies>>click on User Rights Assignment
- On the right-pane of the window, right click on “Allow log on through terminal services” and choose properties now click add user or group and add the group you created before
Now the non administrative users should be able to log onto the server.