can you limit RDP/ terminal session user to just a single logon with GPO, so that another user cannot logoff the original session?

can you limit a user on a single Virtual XP pro machine [VMWARE] to one logon and disallow another terminal user from logging off that user off?
BFedyckAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

sallyfingersCommented:
You can use GPO to limit it to one active session at a time but... If two users are using the same account then one will always be able to log the other off.  The best way to do this is to use different accounts for everyone (Best Practice).  They do this in case you loose your connection while logged on it won't lock out your account until administrator manually ends the session.  You will start running into issues if you don't have that feature.  

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
BFedyckAuthor Commented:
if you have 2 users with ADMIN rights or local admin rights regardless of different user logons, one will still over ride or log out the other in the session, and if this can be stopped with a GPO, do you have instructions or a link to a KB?
lmk and thanks
B
AmazingTechCommented:
Unfortunately, I think Administrators are giving the ability to log anyone off right in the Gina.  I don't believe there is a policy to control this.
sallyfingersCommented:
Like I said, I don't believe you can disable this and if you do get it done you are going to run into issues right away.  The first time someone doesn't log off when they exit the RDP session your stuck.  This happens all the time when people reboot, loose network connectivity, computer crashes... any thing.  The problem is, then, in order to log your own account off you'll have jump through many more hoops than just creating an admin account in AD.  An admin account in AD has far to many benifets for me to see the use in disabling an extremely helpful key feature such as being able to log on to your own account at any time.  

** You can however have your account enabled to allow multiple sessions at once. But from what I understand, you don't want multiple sessions either right?
BFedyckAuthor Commented:
thanks for the input
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Microsoft Legacy OS

From novice to tech pro — start learning today.