• Visitors can check out the Forum FAQ by clicking this link. You have to register before you can post: click the REGISTER link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below. View our Forum Privacy Policy.

RDP with domain user account

Collapse
X
  •  
  • Filter
  • Time
  • Show
Clear All
new posts

    RDP with domain user account

    I have built a Windows 8, Windows Server 2008 R2 and Windows Server 2012 R2 machine and all have the same problem so at least it's consistent.

    Basically the problem is this.

    Enable remote desktop access, and add a domain user to the local remote desktop users group. Try and log in with the domain user account, the RDP session starts and hangs at the welcome screen.

    If I create a local user, and add it to the same group then I can RDP in with no problem.

    The AD user is also added to the domain remote users group.

    So to sum up. Domain users hang, local users work fine with RDP to all of the OS's I have listed above.

    Anyone got any ideas?
    Knock first as I might be balancing my chakras.

    #2
    Sounds like to me (and I'm not expert in this), that the machine you are RDPing to has problem accessing the domain controller. Network / Firewall setup.

    Comment


      #3
      Originally posted by DimPrawn View Post
      Sounds like to me (and I'm not expert in this), that the machine you are RDPing to has problem accessing the domain controller. Network / Firewall setup.
      Smells like that to me too. Nothing coming up on a wireshark trace to support this.

      Also the machine I am rdping to, I can log on successfully with these credentials locally so it authenticates via the DC fine.
      Knock first as I might be balancing my chakras.

      Comment


        #4
        Stoopid question, are there pending updates on the server?

        Try a server reboot and see if you can RDP on after that.

        Comment


          #5
          Try 'telnet ad_server 389' and 'telnet ad_server 689' from client same other way...

          Comment


            #6
            Have you tried logging onto any of the three machines as the domain user but from the console of what ever hypervisor you are using? Eliminate the RDP aspect of any fault finding
            Originally posted by Stevie Wonder Boy
            I can't see any way to do it can you please advise?

            I want my account deleted and all of my information removed, I want to invoke my right to be forgotten.

            Comment


              #7
              nlasvc timeout is the error in the event log. Along with crpytosvc.

              A common problem on Citrix VDI, but I am running on Centos KVM.

              Logging into the machines using domain account is fine, problem only exists via RDP using a domain login.
              Knock first as I might be balancing my chakras.

              Comment


                #8
                Originally posted by DimPrawn View Post
                Stoopid question, are there pending updates on the server?

                Try a server reboot and see if you can RDP on after that.
                Patched up the ying yang. Many reboots.
                Knock first as I might be balancing my chakras.

                Comment


                  #9
                  Originally posted by stek View Post
                  Try 'telnet ad_server 389' and 'telnet ad_server 689' from client same other way...
                  Yep those ports are open, and I can see handshakes in wireshark.
                  Knock first as I might be balancing my chakras.

                  Comment


                    #10
                    OK I am going to build 2 machines and use VNC so I have a workaround.

                    No need to apply any more thought to what is clearly a very weird problem.

                    Thanks all.
                    Knock first as I might be balancing my chakras.

                    Comment

                    Working...
                    X