1. Disable Administrator account to logon to terminal server: under "Administrative Tools"/"Computer Management", go to "Local users and groups" / "Users", find "Administrator" account, right click and select Properties context menu, goto "Terminal services" and un-check "Allow logon to terminal server"
2. Create another account to logon to terminal server: create another user, assign "Administrator" role (the default user role can't be used to logon to terminal server). the default setting for the new user is to "Allow logon to terminal server", so leave as is.
Found a good source for error "Terminal Services Client Error Message: You Do Not Have Access to Logon to This Session"
the following is the detail information:
Terminal Services Client Error Message: You Do Not Have Access to Logon to This Session
View products that this article applies to.
Article ID : 224395
Last Review : February 22, 2007
Revision : 2.3
This article was previously published under Q224395
SYMPTOMS
When you try to log on using the Terminal Services client, you may receive the following error message:
Logon Message: You do not have access to logon to this session.
CAUSE
Terminal Services has a default connection security setting allows only administrators to log on. If the security attributes on a specified connection have not been set, the connection inherits these default security settings. For additional information, please see the following article in the Microsoft Knowledge Base:
225038 (http://support.microsoft.com/kb/225038/EN-US/) Default Connection Changes Are No longer Applied
If the default connection security settings do not meet your needs, you can set custom security attributes.
RESOLUTION
To set custom Terminal Services connection permissions:
1. Click Start, point to Programs, point to Administrative Tools, and then click Terminal Services Configuration.
2. Open the Connections folder.
3. Right-click the connection (RDP-TCP), and then click Properties.
4. On the Permissions tab, add the group(s) that needs access to this connection.
5. Click OK.
STATUS
This behavior is by design.
APPLIES TO
• Microsoft Windows 2000 Server
• Microsoft Windows 2000 Advanced Server
• Microsoft Windows 2000 Datacenter Server
No comments:
Post a Comment