I simply cannot figure out what I am getting wrong here, hope some of you can assist.
I am trying to allow users to remote into their computers using RDP.
Remote Desktop Users - A buildin group that should do exactly this, according to microsoft documentation, members of this group should have access to rdp by default even without creating a GPO:
pz-msrdp - A second group I have created for troubleshooting, since the Remote Desktop Group is not getting populated to the win clients:
In this example i will be using user flinden.
In ucs, flinden is a member of remote desktop users, and a member of pz-msrdp
Querying windows shows not all groups are being populated on the domain joined machines:
So the Remote Desktop Group is not pushed to the windows client, however pz-winrdp is:
Editing GPO to allow pz-winrdp does not allow the user to login through rdp (They can login on the physical machine)
The GPO(AllowRDP) is enabled and on the correct OU’s, on the screenshot above you can see the GPO was indeed applied, screenshot of the GPO below:
I am at a loss, Im sure its me missing something, but what i cannot figure out.
All the best