• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 312
  • Last Modified:

can you limit RDP/ terminal session user to just a single logon with GPO, so that another user cannot logoff the original session?

can you limit a user on a single Virtual XP pro machine [VMWARE] to one logon and disallow another terminal user from logging off that user off?
0
BFedyck
Asked:
BFedyck
  • 2
  • 2
3 Solutions
 
sallyfingersCommented:
You can use GPO to limit it to one active session at a time but... If two users are using the same account then one will always be able to log the other off.  The best way to do this is to use different accounts for everyone (Best Practice).  They do this in case you loose your connection while logged on it won't lock out your account until administrator manually ends the session.  You will start running into issues if you don't have that feature.  
0
 
BFedyckAuthor Commented:
if you have 2 users with ADMIN rights or local admin rights regardless of different user logons, one will still over ride or log out the other in the session, and if this can be stopped with a GPO, do you have instructions or a link to a KB?
lmk and thanks
B
0
 
AmazingTechCommented:
Unfortunately, I think Administrators are giving the ability to log anyone off right in the Gina.  I don't believe there is a policy to control this.
0
 
sallyfingersCommented:
Like I said, I don't believe you can disable this and if you do get it done you are going to run into issues right away.  The first time someone doesn't log off when they exit the RDP session your stuck.  This happens all the time when people reboot, loose network connectivity, computer crashes... any thing.  The problem is, then, in order to log your own account off you'll have jump through many more hoops than just creating an admin account in AD.  An admin account in AD has far to many benifets for me to see the use in disabling an extremely helpful key feature such as being able to log on to your own account at any time.  

** You can however have your account enabled to allow multiple sessions at once. But from what I understand, you don't want multiple sessions either right?
0
 
BFedyckAuthor Commented:
thanks for the input
0

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now