Primary User cannot log on through RDC; User is Domain Admin. Name disappeared from "Allow log on through Terminal Services and now the policy is greyed out to all. User can log on locally to workstation and to Domain while sitting at, but no remote logging for particular User. Vista; Add Users or Group is greyed out on domain workstation in local security settings for "Allow log on through Terminal Services" Two Domain Admins in list for local security settings, but unaccessable to anyone, Regardless of how I sign in to this computer, with any Domain Admin, Local Admin, I am unable to add any other User to this list for RDC to this box. Grrrrrrrrrr. Help Please. Could this be as simple as unjoining the workstation from the network and rejoining so the primary User is once again recognized?

Hi, Based on the test, when we have set an GPO to explicitly enable "Allow Log on through Terminal Services" on the domain controller of the Active Directory, after the Windows Vista join the domain and apply this GPO, the Button "Add Users or Group" will be grayed out in the local group policy setting of the Windows Vista client. In other words, simply disjoining the Windows Vista client and rejoining it to the domain doesn't make the primary users be recognized. One of the possible solution is to configure the GPO on the domain controller to "Add" the user to "Allow Log on through Terminal Services", and then apply the GPO to the OU that holds the computer account of Windows Vista clients. Please don't forget to run "gpupdate /force" on both the domain controller and the Windows Vista client. To verify that the GPO is refreshed, it's better to restart the Windows Vista client. Hope it helps.David Shen - MSFT