prevent users logging on to terminal server

Posted on 2005-05-17
Last Modified: 2010-04-14
Hi i would like to prevent users logging on to terminal server based on group membership

so far the only thing that works for me  is deny logon locally set at each terminal server local security policy,

(alltering the allows logon locally to specifc groups seemed to have no effect at all)

would like to be able to just have an "allow" group with in the domain.

The allow logon to teminalservers tick box in user properties is not much use either (it works) but difficult to see en mass)

any ideas?

terminal server = win2000
domain is 2003 AD
Question by:mhamer
    LVL 82

    Accepted Solution

    You can do this by allowing the RDP protocol only for the specific group.
    On your TS, go to Administrative Tools, start "Terminal services configuration".
    Under "Connections", double-click "RDP-TCP".
    In the "Permissions" tab, note the current permissions, just in case. Add the group you want to be able to logon through terminal services. There's probably the Users group with access in there as well; remove this. Make sure the local Administrators group and System are allowed to use the protocol.
    Now only members of the specific group and administrators will be able to use RDP to logon to the machine.

    Author Comment

    cheers worked well

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    Find Ransomware Secrets With All-Source Analysis

    Ransomware has become a major concern for organizations; its prevalence has grown due to past successes achieved by threat actors. While each ransomware variant is different, we’ve seen some common tactics and trends used among the authors of the malware.

    NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
    In the modern office, employees tend to move around the workplace a lot more freely. Conferences, collaborative groups, flexible seating and working from home require a new level of mobility. Technology has not only changed the behavior and the expe…
    Need more eyes on your posted question? Go ahead and follow the quick steps in this video to learn how to Request Attention to your question. *Log into your Experts Exchange account *Find the question you want to Request Attention for *Go to the e…
    In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor ( If you're interested in additional methods for monitoring bandwidt…

    779 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    15 Experts available now in Live!

    Get 1:1 Help Now