?
Solved

How can you restrict users logon hours to just the terminal server?

Posted on 2008-06-13
5
Medium Priority
?
2,648 Views
Last Modified: 2013-11-21
I'd like to restrict when users can log into a terminal server without restricting their login ability to the rest of the network. For example, only want users to be able to login to the TS M-F 9 to 5pm. I don't want to restrict them though from being able to access webmail, their local domain PC, etc. Is this possible? If so, please provide detailed instructions. Thanks.
0
Comment
Question by:mcse4u
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
5 Comments
 
LVL 5

Expert Comment

by:jenkinsme
ID: 21784362
I do not know of any way to do this using just Windows Server however on your terminal server you could install the following free program:
http://www.download.com/2X-SecureRDP/3000-2092_4-10465332.html
Then from there you can provide or deny access to RDP however you would like without effecting local access to the server.
0
 

Author Comment

by:mcse4u
ID: 21784406
Interesting program, however, it won't allow me to restrict the logon times to certain user groups. it's appears to be a all or nothing approach. And the help file is a little lacking in information. Do you check the boxes of when you want to block access, or are the check boxes for when you want to ALLOW access? The help system doesn't specify.
0
 
LVL 5

Expert Comment

by:jenkinsme
ID: 21784455
The check boxes are for what days you want to allow access and then state the time for allowed access. I know it is not very intuitive at all unfortunately there is not much out there for free that isn't like that.
0
 
LVL 7

Expert Comment

by:fhmc
ID: 21785415
thinking a bit "out of the box" here so to speak, and I've NEVER tried this, so I'm only speaking of theory here...

maybe you could leverage the Terminal Server's local tasks to run a batch file using the "net localgroups" command at two scheduled times.

place the users you want to control time access to the terminal server into an AD group called, say "Term serv X time control"

on the terminal server, prepare two batch files.

disableaccess.bat
net localgroup "remote desktop users" /delete "yourdomain\term serv x time control"

enableaccess.bat
net localgroup "remote desktop users" /add "yourdomain\term serv x time control"

schedule a task at X time to run disableaccess.bat
schedule a task at Y time to run enableaccess.bat

*****ALSO, make sure none of the members of "term serv x time control" are members of any other groups in the Terminal Server's remote desktop users group.

again, this is JUST theory on my side, but the logic seems to be sound in my mind.  You will have to conduct your own tests if you wish to pursue my suggestion.

If you're interested in pursuing this theoretical approach and have any questions, please post them and I'll do my best to help.

good luck.
0
 

Accepted Solution

by:
mcse4u earned 0 total points
ID: 21787219
Makes you wonder why this simple feature request is not built into the product already. I can't imagine i'm the only person who needs to restrict users to certain timeframes.
0

Featured Post

Important Lessons on Recovering from Petya

In their most recent webinar, Skyport Systems explores ways to isolate and protect critical databases to keep the core of your company safe from harm.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Welcome to my series of short tips on migrations. Whilst based on Microsoft migrations the same principles can be applied to any type of migration. My first tip Migration Tip #1 – Source Server Health can be found here: http://www.experts-exchang…
ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.
Video by: ITPro.TV
In this episode Don builds upon the troubleshooting techniques by demonstrating how to properly monitor a vSphere deployment to detect problems before they occur. He begins the show using tools found within the vSphere suite as ends the show demonst…
Visualize your data even better in Access queries. Given a date and a value, this lesson shows how to compare that value with the previous value, calculate the difference, and display a circle if the value is the same, an up triangle if it increased…
Suggested Courses

719 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question