Allow End Users Remote Desktop access to Domain Controller on Server 2008 R2

In organizations that I have worked in there has been several occasions where I have had to add Terminal Server Licenses to a Domain Controller.  This has only been done in a dev environment because it is not recommended by Microsoft.  There may be circumstances where you would want to do this in a production environment but use this at your own discretion.

  1. Log on to the Domain Controller as Domain Admin
  2. Open Server Manager. To open Server Manager, click Start, point to Administrative Tools, and then click Server Manager.
  3. Under Roles Summary, click Add Roles
  4. On the Before You Begin page of the Add Roles Wizard, click Next.
  5. On the Select Server Roles page, select the Remote Desktop Services check box, and then click Next.
  6. On the Introduction to Remote Desktop Services page, click Next.
  7. On the Select Role Services page, select the Remote Desktop Session Host check box, and then click Next.
  8. After clicking on next you will now get a pop up warning

  9. Now click on Install Remote Desktop Session Host anyway (not recommended)
  10. On the Uninstall and Reinstall Applications for Compatibility page, click Next.
  11. On the Specify Authentication Method for Remote Desktop Session Host page, you will need to make a decision if you want older remote desktop clients or my recommendations I would click Require Network Level Authentication, and then click Next
  12. On the Specify Licensing Mode page, select Configure later, and then click Next.
  13. On the Select User Groups Allowed Access To This Remote Desktop Session Host Server page, click Next. In my environment for ease of access an because this was a dev environment I chose domain users.  I would highly recommend creating a group in AD and then adding it here (ex…Allow Remote Desktop)
  14. On the Configure Client Experience page, click Next.
  15. On the Confirm Installation Selections page, verify that the RD Session Host role service will be installed, and then click Install.
  16. On the Installation Results page, you are prompted to restart the server to finish the installation process. Click Close, and then click Yes to restart the server.
    After the server restarts and you log on to the Server, the remaining steps of the installation finish. When the Installation Results page appears, confirm that installation of the RD Session Host role service succeeded, and then click Close to close the RD Session Host configuration window. Also, close Server Manager.

    Here is the screen after the reboot

    The RD Session Host role service is now installed. For users to be able to connect to this server, you must add the user accounts to the local Remote Desktop Users group on the DC.

  17.  Log on to the server and navigate to AD Users and Computers and add either a group of users you want to have access to Remote Desktop (Best way to do it) or you can just add the individual user.
  18.  Now if you want to allow more people to gain access and have Terminal Server licenses install the feature and add your licenses.  If you don’t know how to do this add a comment and I can add a how to.

Leave a Reply

Your email address will not be published. Required fields are marked *