[Webinar] Streamline your web hosting managementRegister Today

  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 278
  • Last Modified:

Prevent certain users from accessing terminal services on server.

Hello, I have a physical server running Windows 2003 Server and a virtual server running Windows 2003 as well, each have own IP and have running terminal services. I need to be able to limit access to accounting dept to the Virtual, and teachers need access to the physical one. How would I limit these two groups to their respective servers?
3 Solutions
Can I assume you have made a forest in AD and have separate OU's for each department?

I would assigned users to a global security group and then assigned the global group to a domain local group. The domain local group is then assigned the appropriate permissions for any given folder.

Hope that helps.
on your terminal server management side of things - just add a group for your teachers to access their server and noone else and the same for the others on your other server - its all under the rdp-tcp properties of the server :)
By default the terminal servers are accessible by members of the servers' local Administrators and Remote Desktop Users groups. Add the group containing the teachers to the Remote Desktop Users on the physical server and the group with the accounting dept users to the other one. Or, if you want to follow MS best practises do it like debuggerau suggests, that is add the users to domain global groups, the global groups to domain local groups and add those local groups to the Remote Desktop Users groups. IMO this will just make the hierarchy bulky and complex, the main thing either way is to have up to date documentation on your environment.
ishmickAuthor Commented:
Thanks guys, big help.

Featured Post

Managing Security Policy in a Changing Environment

The enterprise network environment is evolving rapidly as companies extend their physical data centers to embrace cloud computing and software-defined networking. This new reality means that the challenge of managing the security policy is much more dynamic and complex.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now