Hyper V Enhanced Mode Active Directory you need the right to sign in through remote desktop services

M D 1 Reputation point

I created a Windows 10 Virtual Machine through Hyper-V. I sign into the local Active Directory Domain with a username and password. The Windows 10 environment loads just fine.
I active Enhanced Mode (really just for the convenience of using all my monitors) and I receive the error message:
" To sign in remotely, you need the right to sign in through remote desktop services. By default, ... "
Theoretically, it is using the default settings in Remote Desktop users. Since I am able to log in without any trouble without Enhanced mode I feel as though I have set up the GPO's, Groups and assigned the user properly.
Is there an additional setting with Active Directory that is needed to allow users to utilize the Enhanced mode in Hyper-V? Is there a GPO that might be possibly interfering with this function?

A Windows technology providing a hypervisor-based virtualization solution enabling customers to consolidate workloads onto a single server.
2,633 questions
0 comments No comments
{count} votes

4 answers

Sort by: Most helpful
  1. Eric Siron 1,256 Reputation points MVP

    Enhanced Session mode establishes an RDP connection to the host which then connects to the virtual machine via VMBus. Security is most likely blocking at the host level, not the guest. I have not done a lot of work with this, but it should be enough to add the users into the host's Remote Desktop Users group. Obviously, that's not a wonderful thing, so you'll need to use other tools to prevent them from establishing a session on the host itself.

    Enhanced session was not meant as a VDI stand-in, so under expected usage this is never a problem. RDPing direct to the guests is probably better. Understand that no matter how this is set up or configured, remote access to a Windows 10 desktop for anything other than administrative purposes (tech support on the Windows 10 instance or its apps) requires all sorts of licensing above and beyond what's needed for remote server access.

    1 person found this answer helpful.
    0 comments No comments

  2. Anonymous

    By default administrators are in Remote Desktop Users group. You can add your domain account to this group.


    --please don't forget to upvote and Accept as answer if the reply is helpful--

    0 comments No comments

  3. M D 1 Reputation point

    I do have the 'Remote Desktop Users' group associated with that policy and the user is in that Group.

    Again, I am able to log in fine without Enhanced Mode. Turning on Enhanced mode and suddenly this user does not have the rights.
    The user is a non-Admin user. The intention is to have a Virtual Machine for non-Administrative activities.

  4. Limitless Technology 39,511 Reputation points

    Hello MatthewDavis,

    Have you checked if your have RDP enabled on the VM? Also if the firewall rules are allowing it? Normally is just a matter of that requisite missing.

    Other prerequisites here: https://learn.microsoft.com/en-us/windows-server/virtualization/hyper-v/learn-more/use-local-resources-on-hyper-v-virtual-machine-with-vmconnect


    --If the reply is helpful, please Upvote and Accept as answer--