The connection was denied because the user account is not authorized
Instead of editing the User Rights Assignment on your workstations, consider using a Group Policy Preference (GPP) setting to modify the membership of the Remote Desktop Users group. By default, anyone that is a member of this group will be granted permission to establish a RDC connection to the machine.
Edit the membership of the Remote Desktop Users group with a Group Policy Preference (GPP) setting as follows:
- Create a new Security Group such as My Remote Desktop Users. Members of this group will be granted permission to make Remote Desktop connections.
- Edit a Group Policy Object and navigate to
Computer Configuration/Preferences/Control Panel Settings Right-click Local Users and Groups and choose New > Local Group
Set Action: to Update
- In the Group name: drop-down choose Remote Desktop Users (built-in)
- Click Add...
- In the Local Group Member dialog box click the ... box and find your group (don't type it in manually)
- Confirm Action: is set to Add to this group
- Click OK two times then close the Group Policy editor.
- Apply the Group Policy object to computers to which you want users to be able to access.
The advantage of this method is that you can easily grant/revoke Remote Desktop permissions by modifying a user's membership in the My Remote Desktop Users group, instead of having to edit Group Policy to set a new User Rights Assignment policy then wait for it to propagate to your workstations.
Further, edits to the User Rights Assignment policy are not cumulative. In other words, if you have two Group Policies that modify that policy, only one will have an effect. On the other hand, multiple GPPs can be specified to modify the membership of the Remote Desktop Users group.
None of these solutions seemed to work for us.
What we ended up doing is opening control panel > opening user accounts > Manage User Accounts > Click the add button if your user is not there.
We did this on the device we were trying to remote to and added the devices user. Worked like a charm.