There is a method for configuring domain authorization on Windows Server 2016.
Before you start:
- Join an EC2 Windows instance (Windows Server 2016) to a Simple AD or AWS Managed Microsoft AD directory.
- Install the Remote Server Administration Tools (RSAT) and Group Policy Management console on the instance.
To allow domain users RDP access to the domain-joined Windows instances, follow these steps:
1. Connect to your Windows EC2 instance using RDP.
2. Create a user. Repeat this step if you need more than one user.
3. Create a security group. Note the security group name for a later step.
4. Add the new users to the new security group.
5. Open Group Policy Management. Select your domain's Forest, expand Domains, and then expand your domain name.
6. Expand your delegated OU (NetBIOS name of the directory). Open the context (right-click) menu for Computers, and then choose Create a GPO in this domain, and Link it here.
7. For Name, enter a name and then select OK.
8. In the navigation pane, expand Computers. Open the policy's context (right-click) menu, and then choose Edit.
9. In the Computer Configuration section of the navigation pane, expand Preferences, and Control Panel Settings.
10. Open the context (right-click) menu for Local Users and Groups, then choose New, Local Group.
11. For Group name, choose Remote Desktop Users (built-in), and then select Add.
12. For Name, enter the name of the security group you created in step 3 and then choose OK.
This policy updates your environment at the next policy refresh interval. To force the policy to apply immediately, run the gpupdate /force command on the target server.
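
To confirm on the target server that the policy took effect, the following PowerShell check (an added example, not part of the original steps) refreshes policy and inspects the local Remote Desktop Users group. `EXAMPLE\RDP-Users` is a placeholder for your directory's NetBIOS name and the security group from step 3; the function name is hypothetical.

```powershell
# Run in an elevated PowerShell session on the domain-joined target server.
# Placeholder (assumption): replace with <NetBIOS name>\<security group from step 3>.
$ExpectedGroup = 'EXAMPLE\RDP-Users'

function Test-RdpGroupMembership {
    param(
        [Parameter(Mandatory)] [string] $Expected,
        [Parameter(Mandatory)] [AllowEmptyCollection()] [object[]] $Members
    )
    $names = @($Members | ForEach-Object { $_.Name })
    [pscustomobject]@{
        # -contains is case-insensitive, matching how Windows compares account names.
        ExpectedPresent = $names -contains $Expected
        # Entries other than the expected group were not added by this procedure
        # and should be reviewed (for example, users added directly to the local group).
        Unexpected      = @($Members | Where-Object { $_.Name -ne $Expected })
    }
}

# Apply the new GPO now instead of waiting for the refresh interval.
gpupdate /force | Out-Null

# Read the live membership of the built-in local group the GPO targets.
$members = @(Get-LocalGroupMember -Group 'Remote Desktop Users' -ErrorAction Stop)
$result  = Test-RdpGroupMembership -Expected $ExpectedGroup -Members $members

if ($result.ExpectedPresent) {
    Write-Output "OK: $ExpectedGroup is a member of Remote Desktop Users."
} else {
    Write-Warning "$ExpectedGroup is missing. Applied computer GPOs:"
    # Shows whether the GPO linked in step 6 actually reached this computer.
    gpresult /r /scope:computer
}

if ($result.Unexpected.Count -gt 0) {
    Write-Warning 'Other members with RDP access (review these):'
    $result.Unexpected | Select-Object Name, ObjectClass, PrincipalSource
}
```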