# Unable to logon to AD - no setting "allow logon through Terminal Services



## pingulino (May 22, 2012)

*Unable to logon to AD - "allow log on through terminal services right" does not exist.* 
We have a AD with one domain controller running Win Server 2012.
Users who are not administrators are not allowed to log in via AD, message says they need "allow log on through terminal services right".
Only users who belong to administrators groups can logon.

I have read lots about this, every answer is the same: Change the "Allow Logon Through Terminal Services" GPO, located under Computer Configuration\Windows Settings\Security Settings\Local Policies\User Rights Assignment\. 
Fine - only in Server2012 there is no such setting.
I have looked through all the policies but I can't for the life of me find any settings for Terminal Services.

I did change the "Allow logon through remote desktop services" and added Remote Desktop Users - only effect was that administrator no longer could logon... (Added admins to RDP-group to solve that.)
I also added "everyone" but that had no effect at all.
And my users are members of RemoteDesktopUsers, still can't logon to AD.


----------



## spatian116 (Jan 24, 2010)

Have you tried just going into Local Security Policy? I found this in mine


----------



## srhoades (May 15, 2003)

In server 2012 it may say Remote Desktop services instead of Terminal services.


----------



## Noobs (Oct 21, 2013)

See if you configure a server 2008 with the basic role as remote desktop server , it will be accepted all the connections unlimited from anyone. The only thing you have to do is just add the all users to remote desktop members. 

But After all these settings if you planning to install active directory on that machine all the group policies and all the settings will be changed and affected. 

So after all working fine without active directory you go to gpmc.msc (Group policy management settings control panel) -> go to computer configuration->Windows Settings-> Security Settings-> Local Policies-> User rights assignment->Allow logon through remote desktop services-> Just enable it and add users to that settings.

I am confused that why you all going to local settings after you configured active directory on a server machine.?

YOu should go to group policy management after you configure a domain controller properly.


----------



## Noobs (Oct 21, 2013)

see he has checked to local security policy tell him to check group policy settings from gpmc.msc control panel.


----------

