Questione #1: I am trying to allow a user to use Terminal Services on a Windows 2000 SP3 server that is running in admin mode. I added this user to the local administrators group, gave this user specific rights in the RDP-TCP item, and added this user to a few areas of the local policies, such as: "access this computer from the network." I am able to get this user onto other servers that also have Windows 2000 SP3 TS in admin mode. This is the only server that gives me this error: "The system can not log you on (1F). Please try again or consult your system administrator." What am I missing? Microsoft.com is no help on this one. Thanks.
Question #2: We have a client that is running Citrix on a Windows 2000 server, which is running Terminal Services in application mode. The server is also the domain controller. Unless the Citrix users are members of the domain admins group, they receive the message "the local policy of this system does not permit you to log on interactively." I found reference to this in MS Knowledge Base Article 247989. I created a new group and added it to the local logon policy as mentioned in the article. Now the users can log on without receiving the message, but are immediately logged off. If I look at the application log I see the following: "Windows cannot connect to machine.local with (0x0)." and "Windows cannot query for the list of group policy objects." Do you have any ideas? Thanks.
This was first published in November 2003