In Windows, remote access through Remote Desktop Protocol (RDP) depends on both permissions and group memberships. To let a user connect, you’ll need to make sure they’re allowed to log on through Terminal Services (or Remote Desktop Services) in Group Policy, and that they’re added to the Remote Desktop Users group on the computer. Setting up both ensures the user has the proper rights in policy and locally, so they can connect remotely without issues.
To log on to a remote computer, you need the “Allow log on through Terminal Services” permission. By default, members of the Remote Desktop Users group have this right. If you’re not part of this group—or if the group doesn’t have this permission—you will need to be granted the right manually.
Step 1: Click Start >> Run, type secpol.msc, and click OK. This will open the Local Security Policy window.
Step 2: Expand the Local Policies and click User Rights Assignment.
Step 3: On the right side, double-click Allow log on through Terminal Services or Allow log on through Remote Desktop Services.
Step 4: Click Add User or Group and enter Remote Desktop User. Click OK twice to dismiss both dialog boxes.
Step 5: Start the command prompt with administrator rights.
Step 6: Run # gpupdate /force
Conclusion:
To enable a user to log in via Remote Desktop on a Windows computer, you must configure both policy rights and group membership. Grant the user (or the Remote Desktop Users group) the “Allow log on through Remote Desktop Services” permission in the Local Security Policy, and also add them to the Remote Desktop Users group locally. Finally, refresh the Group Policy with gpupdate /force.
This ensures the user has the necessary security rights and local access permissions to connect remotely without issues.
