Avatar of ronin83
 asked on

how to set very restrictive RDP permissions to user

i'm using windows server 2003, i don't have AD installed. i want to give a user access to RDP so he can access a remote administration tool for a third party app. i have the shortcut placed on his user's desktop. what i want, is for him to not be able to browse any hard drives, use the run command in the start menu, anything really that'd let him do anything besides using that one shortcut.

i've tried creating a new group "limitedusers" than assigning his user to that one as the only one. than not giving it permissions to list/read/write anything on any hard drive, but i can still browse both drives freely through my computer from his user.

please help.
Microsoft Server OSWindows Server 2003

Avatar of undefined
Last Comment

8/22/2022 - Mon

Each computer has a local GPO, which you can edit to configure that computer. In fact, you must use the local GPO to configure a computer that isn't a member of an AD domain. However, changing the local GPO will effect all users, including administrators.

You said you created a group and tried not to give permission. Did you try giving Deny Permission? I don't know if you want to give deny permission to the entire drive. Not sure how that would effect loading windows.

Have you thought about installing the remote admin tool on the user's computer.

this is a windows server 2003 web server, no AD available, i don't know what "GPO's" are. installing tools on other user isn't an option. i haven't tried giving deny permissions to the group to the drive yet, hows that done?

View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
See Pricing Options
Start Free Trial
Ask your own question & get feedback from real experts
Find out why thousands trust the EE community with their toughest problems.
I started with Experts Exchange in 2004 and it's been a mainstay of my professional computing life since. It helped me launch a career as a programmer / Oracle data analyst
William Peck