Solved

How can you restrict users logon hours to just the terminal server?

Posted on 2008-06-13
5
2,482 Views
Last Modified: 2013-11-21
I'd like to restrict when users can log into a terminal server without restricting their login ability to the rest of the network. For example, only want users to be able to login to the TS M-F 9 to 5pm. I don't want to restrict them though from being able to access webmail, their local domain PC, etc. Is this possible? If so, please provide detailed instructions. Thanks.
0
Comment
Question by:mcse4u
  • 2
  • 2
5 Comments
 
LVL 5

Expert Comment

by:jenkinsme
ID: 21784362
I do not know of any way to do this using just Windows Server however on your terminal server you could install the following free program:
http://www.download.com/2X-SecureRDP/3000-2092_4-10465332.html
Then from there you can provide or deny access to RDP however you would like without effecting local access to the server.
0
 

Author Comment

by:mcse4u
ID: 21784406
Interesting program, however, it won't allow me to restrict the logon times to certain user groups. it's appears to be a all or nothing approach. And the help file is a little lacking in information. Do you check the boxes of when you want to block access, or are the check boxes for when you want to ALLOW access? The help system doesn't specify.
0
 
LVL 5

Expert Comment

by:jenkinsme
ID: 21784455
The check boxes are for what days you want to allow access and then state the time for allowed access. I know it is not very intuitive at all unfortunately there is not much out there for free that isn't like that.
0
 
LVL 7

Expert Comment

by:fhmc
ID: 21785415
thinking a bit "out of the box" here so to speak, and I've NEVER tried this, so I'm only speaking of theory here...

maybe you could leverage the Terminal Server's local tasks to run a batch file using the "net localgroups" command at two scheduled times.

place the users you want to control time access to the terminal server into an AD group called, say "Term serv X time control"

on the terminal server, prepare two batch files.

disableaccess.bat
net localgroup "remote desktop users" /delete "yourdomain\term serv x time control"

enableaccess.bat
net localgroup "remote desktop users" /add "yourdomain\term serv x time control"

schedule a task at X time to run disableaccess.bat
schedule a task at Y time to run enableaccess.bat

*****ALSO, make sure none of the members of "term serv x time control" are members of any other groups in the Terminal Server's remote desktop users group.

again, this is JUST theory on my side, but the logic seems to be sound in my mind.  You will have to conduct your own tests if you wish to pursue my suggestion.

If you're interested in pursuing this theoretical approach and have any questions, please post them and I'll do my best to help.

good luck.
0
 

Accepted Solution

by:
mcse4u earned 0 total points
ID: 21787219
Makes you wonder why this simple feature request is not built into the product already. I can't imagine i'm the only person who needs to restrict users to certain timeframes.
0

Featured Post

Want to promote your upcoming event?

Attending an event? Speaking at a conference? Or exhibiting at a tradeshow? Easily inform your contacts by using a promotional banner in your email signature. This will ensure your organization’s most important contacts are in the know.

Join & Write a Comment

On a regular basis I get questions about slow RDP performance, RDP connection problems, strange errors and even BSOD, remote computers freezing or restarting after initiation of a remote session. In a lot of this cases the quick solutions made b…
Remote Apps is a feature in server 2008 which allows users to run applications off Remote Desktop Servers without having to log into them to run the applications.  The user can either have a desktop shortcut installed or go through the web portal to…
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.

759 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now