On 4/2/2010 7:26 AM, Ronald Phillips wrote:
> On Apr 1, 2:25 pm, wonderwhy<won...@newsgroup> wrote:
>> I sometimes used VPC to check user account security and e-mail accounts.
>> This has always been fine under VPC. With Windows Virtual PC and with
>> it's use of RDP, when I try to login in a NON-administrator account I
>> get the following message: "the local policy of this system does not
>> permit you to login interactively"
>> In secpol.msc under "User Rights Assignment - Allow login through
>> Terminal services" I have added everyone. Now at login with a
>> NON-administrator I get this message" "You do not have access to logon
>> to this session"
>> In secpol.msc under User Rights Assignment - Deny Login through Terminal
>> services I have removed our domain name, the list is empty. At login
>> with a NON-administrator I still get this message" "You do not have
>> access to logon to this session"
>> The only users that can currently login to this VPC are administrators
>> or individual users if I was to add them in the RDP settings. Microsofts
>> answer is to add each individual user to RDP.
>> I have over 2000 NON-administrator users (students). Adding each user
>> name in the RDP settings is not feasible and it does not accept any
>> Group names.
>> There has to be a solution to get around this restriction.
> There should be a "Remote Desktop Users" group in User Manager where
> you can add the group.
I'm assuming you mean in AD Users & Computers. Once again, giving over
2000 students that kind of access is not acceptable.