Symptoms
Unable to login with the following error:
Cause
In most cases, this is related to Active Directory Group Policies configuration.
Resolution
Make sure that there is a separate policy linked to the Organizational Unit with only RD Session Host servers in it.
The following settings should be applied in that policy:
Deny logon through Remote Desktop Services > add NLAUser:
Allow logon through Remote Desktop Services > add Domain Users:
NOTE: Ideally, the above-mentioned settings should not be configured in the Default Domain Policy for better flexibility in policy management.
Was this article helpful?
Tell us how we can improve it.