Questions

Cannot log into DC w/ remote desktop

+
0 Votes
Locked

Cannot log into DC w/ remote desktop

christopherddecker
I have a secondary domain controller on a virtual machine in VMWare. When I try to use Remote Desktop the error says: "The system cannot log you on due to the following error: "Access is denied. Please try again or consult your system administrator". I can log into this second dc from the VMware terminal. I am a domain administrator and the only thing that has been done is updates. I just recently installed another dc at a remote site and put this remote dc and subnet in sites and services.
  • +
    0 Votes
    Sean Mullin

    Not to insult anyone's intelligence, check your settings. Ensure account you are using is an Admin, and ensure Remote Desktop is enabled.

    +
    0 Votes
    christopherddecker

    I made sure I checked the small things first: I am a domain admin, and RD is enabled. It use to work before. I tried making myself an enterprise admin and no luck. I do not have any group policies configured. I think a Windows update might have done something, or it could be something to do with when I created a third DC for a remote office.

    +
    0 Votes
    Sean Mullin

    There is a new RDC client out that may be giving you issues. http://support.microsoft.com/default.aspx/kb/925876

    It was released at the end of April.

    +
    0 Votes
    christopherddecker

    It is something to do with my replication.

    When I try to replicate now in sites and services it says the source server is currently rejecting replication requests. I run dcdiag and it says Replication has been explicitly disabled through the server options?

    +
    0 Votes
    Sean Mullin

    Check your replication, see what DC's are giving you an issue.

    +
    0 Votes
    christopherddecker

    I am getting Target Principal name is incorrect and a recent replication attempt failed when I run dcdiag on my second dc. http://support.microsoft.com/kb/288167

    I will have to try the netdom tool referenced in the kb article on my second dc and possibly on the remote site dc to get the primary dc (PDC emulator) to talk to the other servers.

    +
    1 Votes
    ankido2000

    hence you mentioned VMware the first thing that come to my mind is the time synch. If windows clock set to vmware clock and it is out of AD domain synch you will not be able to logon due to the time difference. I think Windows allows a maximum of 5 minutes difference.

    Good luck

    :-)

  • +
    0 Votes
    Sean Mullin

    Not to insult anyone's intelligence, check your settings. Ensure account you are using is an Admin, and ensure Remote Desktop is enabled.

    +
    0 Votes
    christopherddecker

    I made sure I checked the small things first: I am a domain admin, and RD is enabled. It use to work before. I tried making myself an enterprise admin and no luck. I do not have any group policies configured. I think a Windows update might have done something, or it could be something to do with when I created a third DC for a remote office.

    +
    0 Votes
    Sean Mullin

    There is a new RDC client out that may be giving you issues. http://support.microsoft.com/default.aspx/kb/925876

    It was released at the end of April.

    +
    0 Votes
    christopherddecker

    It is something to do with my replication.

    When I try to replicate now in sites and services it says the source server is currently rejecting replication requests. I run dcdiag and it says Replication has been explicitly disabled through the server options?

    +
    0 Votes
    Sean Mullin

    Check your replication, see what DC's are giving you an issue.

    +
    0 Votes
    christopherddecker

    I am getting Target Principal name is incorrect and a recent replication attempt failed when I run dcdiag on my second dc. http://support.microsoft.com/kb/288167

    I will have to try the netdom tool referenced in the kb article on my second dc and possibly on the remote site dc to get the primary dc (PDC emulator) to talk to the other servers.

    +
    1 Votes
    ankido2000

    hence you mentioned VMware the first thing that come to my mind is the time synch. If windows clock set to vmware clock and it is out of AD domain synch you will not be able to logon due to the time difference. I think Windows allows a maximum of 5 minutes difference.

    Good luck

    :-)