[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 195
  • Last Modified:

How do I stop the last user name appearing in a users terminal services log on screen

After applying the do not show last user name in log on screen setting in the local terminal servers local policyit works ie does not show the last user name in the log on window when loggin on locally but when remote desktoping in to a session from another pc the last user name is still there
0
wendolene2
Asked:
wendolene2
  • 2
  • 2
1 Solution
 
GATOR420Commented:
Try this:

Restrictive Computer Policies
These policies are only applied to computer objects that are placed into the locked down OU. These settings are system wide, affecting all users.

[Computer Configuration\Windows Settings\Security Settings\Local Policies\Security Options]

• Devices: Restrict CD-ROM access to locally logged-on user only

Recommended setting: Enabled

This policy allows only users who log on to the console of the Terminal Server access to the CD-ROM drive. It is recommended that you enable this policy to prevent users and administrators from remotely accessing programs or data on a CD-ROM.
 
• Devices: Restrict floppy access to locally logged-on user only

Recommended setting: Enabled

This policy allows only users who log on to the console of the Terminal Server access to the floppy disk drive. It is recommended that you to enable this policy to prevent users and administrators from remotely accessing programs or data on a floppy disk.
 
• Interactive logon: Do not display last user name

This policy does not display the last logged on user account at the Windows logon prompt on the console of the Terminal Server. This policy does not affect Terminal Server clients that locally cache the logon user name.
 
0
 
wendolene2Author Commented:
Thanks for the info - so do you know how to stop the locally cached user name appearing in their Terminal server clients log on window...
0
 
GATOR420Commented:
Sorry missed that, here you go:

Tip When the Inherit Client Config checkbox is selected and you log on to a Terminal Server using the Microsoft TS Client, the user ID for the last user to log on to the server from that client will appear in the logon window. Deselecting the Inherit option for AutoLogon will prevent the user ID from appearing. The Citrix client will never display the user ID of the last user that logged on to a Terminal Server. If you are going to allow inheritance, an alternative method to preventing this behavior is to make a change in the Registry. We discuss this later in this chapter in the section "Other Connection and Session Security Considerations."

From:

http://www.microsoft.com/technet/prodtechnol/termsrv/maintain/security/securaud.mspx
0
 
wendolene2Author Commented:
Thanks and I have looked at the document which focuses on NT4.  I am closeing this call now as if it is goiing to be a registry key hack to fix this and not a Sy Pol setting that we can apply to the whole domain it is not a feasable solution and we will try something else...

Cheers
0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now