RDS: The Remote Desktop Users group on the RD Session Host server must contain domain users or groups

  • Article

Applies To: Windows Server 2008 R2, Windows Server 2012

This topic is intended to address a specific issue identified by a Best Practices Analyzer scan. You should apply the information in this topic only to computers that have had the Remote Desktop Services Best Practices Analyzer run against them and are experiencing the issue addressed by this topic. For more information about best practices and scans, see Best Practices Analyzer.

Operating System

Windows Server 2008 R2, Windows Server 2012

Product/Feature

Remote Desktop Services

Severity

Error

Category

Policy

Issue

The Remote Desktop Users group on the Remote Desktop Session Host server does not contain any users or groups.

Impact

If the Remote Desktop Users group on the RD Session Host server does not contain domain users or groups, users will not be able to connect to the RD Session Host server.

Resolution

Use the Remote tab in the System Properties dialog box to add domain users or groups to the Remote Desktop Users group on the RD Session Host server.

The Remote Desktop Users group on a Remote Desktop Session Host (RD Session Host) server is used to give users and groups permission to connect to an RD Session Host server.

You can add users and groups to the Remote Desktop Users group by using one of the following:

  • Local Users and Groups snap-in

  • Active Directory Users and Computers snap-in, if the RD Session Host role service is installed on a domain controller

  • The Remote tab in the System Properties dialog box on an RD Session Host server

You can use the following procedure to add users and groups to the Remote Desktop Users group by using the Remote tab in the System Properties dialog box on an RD Session Host server.

Membership in the local Administrators group, or equivalent, on the RD Session Host server that you plan to configure, is the minimum required to complete this procedure.

To add users and groups to the Remote Desktop Users group by using the Remote tab

  1. Start the System tool. To start the System tool, click Start, click Run, type control system and then click OK.

  2. Under Tasks, click Remote settings.

  3. If the User Account Control dialog box appears, confirm that the action it displays is what you want, and then click Yes.

  4. In the System Properties dialog box, on the Remote tab, click Select Users.

  5. Click Add to add the users or groups that need to connect to the RD Session Host server by using Remote Desktop Connection.

Note

Members of the local Administrators group can connect even if they are not listed.

  1. Click OK to close the Select Users or Groups dialog box, and then click OK to close the Remote Desktop Users dialog box.

Warning

If you select Don't allow connections to this computer on the Remote tab, no users will be able to connect remotely to this computer, even if they are members of the Remote Desktop Users group.

  1. Click OK to close the System Properties dialog box.

See Also

Concepts

Best Practices Analyzer for Remote Desktop Services: Policy
Best Practices Analyzer for Remote Desktop Services