How do I allow other users to log in to my Windows server?

Owned by Andrew Guirguis (Unlicensed)
Last updated: Jul 18, 2023 by Prateek KapoorVersion comment
3 min read

Problem

I am the only one who can log in to my Windows server, and want to allow another Yale user to log in via Remote Desktop (RDP).

Solution

  1. Once logged into the computer, right-click on the Start button and select System.
     




  2. On System settings screen, select "Remote settings" on the left-hand side. In Windows 2019, you will instead select "Remote Desktop" on the left side.

    Windows 2016 Screenshot
    Windows 2016 Screenshot

                       




  3. Click the Select Users button on the resulting dialog. On Windows 2019, you will instead scroll to the bottom of the screen and click "Select users that can remotely access this PC"

          





  4. Click Add button on Remote Desktop Users dialog box.




  5. Type the NetID of the user you want to add and click "Check Names". Their netID should expand to show their full account name/e-mail address. Now you can click OK and exit out of the previous dialog boxes.

  6. New user should now be able to log in!

  7. Note: Users of servers in Secured spaces may get the error "Logon failure: the user has not been granted the requested logon type at this computer". If that occurs, you will need to follow the additional steps below. If you do not have a CIS-hardened server as part of a moderate- or high-risk space, the steps below should not be needed. 

  8. Search for and go to "Local Security Policy" under the Windows Start Menu

  9. Expand Local Policies in the left-hand pane, then click on the User Rights Assignment folder. Lastly, double-click on "Allow log on locally" in the right-hand pane.

  10. Type "Remote Desktop Users", then click Check Names. The Group name of "Remote Desktop Users" should become underlined. Click OK, OK, and exit the Local Security Settings manager.

  11. User should now be able to login.