Enable logon removes NT AUTHORITYAuthenticated Users from local remote desktop users group

If you Prohibit Logons Only from the App Centre on a Server and have NT AUTHORITYAuthenticated Users added to Local Remote Desktop Group , when you enable the Logon from App Center , the NT AUTHORITYAuthenticated Users group is removed from the Local Remote Desktop Group.

As a result none of the users are able to launch applications.

Cause

The issue is directed to Microsoft as this is evident on a Non Citrix Server which has Remote Desktop Services Role Installed.

Resolution

To redirect the customer to Microsoft and verify this issue is not related to Citrix complete the following steps:

  • Install Remote Desktop Services role on a Non Citrix Server.
  • Run the following Query from the command prompt:

Chlogon.exe /Drain

  • Check Status of the Chglogon by running the Command:

Chglogon.exe /Query

  • Enable Chglogon.exe /Enable.
  • Check to see Local Remote Desktop Group on the server NT AUTHORITYAuthenticated Users is missing.

Workaround

Add Domain Domain Users instead of NT AUTHORITYAuthenticated Users.

Read the original post here at the Citrix knowledgebase.

One thought on “Enable logon removes NT AUTHORITYAuthenticated Users from local remote desktop users group”

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.