Fix for Could not load Remote Desktop Services properties for this user because Access is Denied

Another day in my demo environment… I got this error when trying to open some tabs in the user properties of Active Directory

Could not load Remote Desktop Services properties for this user because: Access is Denied

could not load Remote Desktop Services properties for this user because Access is denied

The error popped up at the following tabs:

  • Remote Desktop Services Profile
  • Remote Control
  • Sessions
  • Environment

The account is was using was a standard domain user account. As far as I know, by default, all users have read permissions to (nearly) all property fields of an AD user. But still in this case it looked like there was some issue with Security Rights.
I checked some other accounts, but the results were very unpredictable. Some gave errors, others went fine.

In addition, I also found the fields Created and Modified to have no values:

Object created modified no value in object class User

The issues as described above did not occur when checking with a domain admin account. Which proved read access or any kind of security to be the problem in this case.

The cause of this Access Denied problem could then be pinpointed to a single checkbox in the Security tab of a Users Properties window:

Read: Allow for Authenticated Users in User Properties: Security was not checked

authenticated users in active directory no allow read access checkbox

As soon as I checked this box, the problem was gone. Credits for me! 🙂
Upcoming question: why do security settings differ from account to account. And what should be the right setting? That’s a question for another blog post, I guess 🙂

0 0 votes
Article Rating
Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments
0
Would love your thoughts, please comment.x
()
x