# Issues with Terminal Services



## amagab (Jul 14, 2006)

We have a domain controller and a file server at work. In the past there hasn't been any issues with remotely connecting to either of them.

However, starting yesterday I am not able to remotely connect to the file server but it's still possible to the domain controller.

Any ideas on how I can fix this? I'm not sure what happened. I belong to the administrators group.

Please help! It's quite urgent.

Many thanks!


----------



## StumpedTechy (Jul 7, 2004)

On the file server are there any event logs?

Have you tried remote desktoping from the Domain controller to the file server?

What is the error your getting when trying to connect?


----------



## amagab (Jul 14, 2006)

Sorry, I forgot to include that. The message I get when trying to remote to the file server:

_"To log on to this remote computer, you must be granted the Allow log on throught Terminal Services right. By Default, members of the Remote Desktop Users Group have this right. If you are not a member of the Remote Desktop Users group or another group that has this right, or if the Remote Desktop group does not have this right, you must be granted this right manually."_

I tried from the DC but that gave the same message. :-(

Thanks for your fast response. Any advice!?


----------



## StumpedTechy (Jul 7, 2004)

From the DC are you able to right click my computer and manage and then use the manager to get to the file server? (Or do it right from the file server if your at the 2 devices right now)? You want to look at the local groups on the file server and make sure noone has been playing with them.

Since you get the same error connecting from 2 PCs the error has to be on the file server itself.


----------



## amagab (Jul 14, 2006)

It doesn't look like anyone has been changing anything. Btw, I'm the only one with admin rights.


----------



## StumpedTechy (Jul 7, 2004)

HAs anyone set a policy on the file server denying rights to log on through terminal services?


----------



## lazysmurf (Mar 28, 2007)

Do you have a "terminal server users" group? make sure you add your self in the group? are you trying to remote from the outside the office or the inside the office?


----------



## amagab (Jul 14, 2006)

Nope, no such policies in place.


----------



## lazysmurf (Mar 28, 2007)

are you trying to remote from outside of the office or inside of the office? if you are trying to remote from the outside, check your firewall.
Check your AD if there's a group named "Terminal server users" just to check.


----------



## amagab (Jul 14, 2006)

I've tried from both inside and outside. Both ways works to the DC but not to the file server. I have two admin accounts (one new and one old) and I've tried both with same results. Thanks!


----------



## lazysmurf (Mar 28, 2007)

Just to double check, type in 'gpresult' in your command prompt to see if there's any hidden group policy.


----------



## lazysmurf (Mar 28, 2007)

Have you tried to remote to the server with an ip address from the inside? check your dns if it's pointing to the right server name and ip?


----------



## amagab (Jul 14, 2006)

lazysmurf said:


> Just to double check, type in 'gpresult' in your command prompt to see if there's any hidden group policy.


Thanks, I'll try that when I get to my office.



lazysmurf said:


> Have you tried to remote to the server with an ip address from the inside? check your dns if it's pointing to the right server name and ip?


I only use the IP address when connect remotely.....good habit for when I'm outside our network.


----------



## lazysmurf (Mar 28, 2007)

next thing i would of try is do a tracert to see where it's heading to from the outside.
also check event log if there's anything going on, even it's warning could be the cause of the problem.


----------



## srhoades (May 15, 2003)

Have you tried restarting the server? I occasionally have this issue where even though the service is running I can't connect and a reboot fixes it.


----------



## amagab (Jul 14, 2006)

lazysmurf said:


> Just to double check, type in 'gpresult' in your command prompt to see if there's any hidden group policy.


Running that command, I'm part of these groups:

Domain Users
Everyone
BUILTIN\Users
BUILTIN\Administrators
NT AUTHORITY\INTERACTIVE
NT AUTHORITY\Authenticated Users
This Organization
LOCAL
Domain Admins



lazysmurf said:


> next thing i would of try is do a tracert to see where it's heading to from the outside.
> also check event log if there's anything going on, even it's warning could be the cause of the problem.


For some reason I can't access the Security page in the Event Viewer. Access denied. ??



srhoades said:


> Have you tried restarting the server? I occasionally have this issue where even though the service is running I can't connect and a reboot fixes it.


Considering that solves most Windows problems, yes, I have rebooted but didn't fix anything.


----------



## lazysmurf (Mar 28, 2007)

hmmm...... try put your domain user name into the server's local user and groups, put your self as local admin. see if that helps?


----------



## amagab (Jul 14, 2006)

lazysmurf said:


> hmmm...... try put your domain user name into the server's local user and groups, put your self as local admin. see if that helps?


That fixed it. Thanks for all your help.


----------



## lazysmurf (Mar 28, 2007)

just fyi, i don't think that resolve the real issue. You might want to check your domain admin's privileges in your environment. domain admins should have all the local admin access, you might need to start to integrate a policy for that. Glad I was able to help.


----------



## StumpedTechy (Jul 7, 2004)

Listen to Lzaysmurf and check the local Admins group on your File server and ensure you have Domain admins listed in there.... I am pretty sure for some reason that must not be in there.


----------

