Re: How can I prevent a TS user from TS or RDP to another server?

From: Colin Nash [MVP] (x_at_x)
Date: 07/30/04 

Date: Thu, 29 Jul 2004 18:20:06 -0400

So he's a Domain Admin but you don't want him administering your domain?
Maybe I don't understand...

"GX" <GX@DOMAIN.com> wrote in message
news:9CdOc.333$Hu2.108@tornado.tampabay.rr.com...
> Big Picture
>
> How can I prevent a TS user from TS or RDP to another server?
>
>
>
> Scenario:
>
> Users (Vendors) log into my organization via VPN. They are setup on the
> VPN
> under a group which has only access to one machine and back via RDP. (i.e.
> Microsoft Group has access to the Microsoft Server Box, now we setup John
> on
> the Microsoft group and he has only RDP access to the Win2KSVR). In order
> for them to get into the Win2KSVR they are also setup on the network as
> jdoe
> (Domain Admins) and that's the way he log into the Win2KSVR.
>
>
>
> Concern:
>
> John VPN into organization and RDP to Win2KSVR did what he needed to do
> and
> opened the network neighborhood and saw all the servers we have. Now he
> wants to browse and log into the boxes he has no need in loging in.
>
>
>
> Question:
>
> How can I prevent a user from login into another machine via TS or RDP
> when
> they are login into a machine via TS or RDP?
>
>

Relevant Pages

  • Re: Terminal Services Setup/Flaw
    ... domain admin priviledges and went to work last week. ... I am able to .rdp into the terminal server and from there I'm able to use .rdp into any other server in the network. ...
    (microsoft.public.windows.terminal_services)
  • Re: How can I prevent a TS user from TS or RDP to another server?
    ... And why do they need to be a Domain Admin in order to ... on the one server, then you can use standard methods of the ... to control where that domain user account may be used. ... I just want them to be able to TS or RDP to this box only and if they ...
    (microsoft.public.win2000.security)