Solved

When I log on to SBS2003 server using RDP as admin, I see other user's RDP seesion.  How can I prevent this?

Posted on 2009-06-30
10
395 Views
Last Modified: 2013-11-21
Typically our users don't have this problem, but a new RDP user does.  He can RDP to server normally using his own credentials, then he RDP's to his workstation on our company domain. All works well, except--when he closes his session (by clicking the 'X' on the RDP drop-own menu bar (not logging off).  When he logs back on the old session persists--this is also OK.  However, when I, the admin, log on using my administrator credentials, I see his session open on the server.  Again, this doesn't happen to our other RDP users.  I don't want to see his session. What is different and how can this be prevented?
0
Comment
Question by:FrankU09
  • 4
  • 4
  • 2
10 Comments
 
LVL 38

Accepted Solution

by:
Philip Elder earned 250 total points
ID: 24747230
Why would the server be used as a jump point into the network (unless I am not understanding what is being said)? The Remote Web Workplace provides this functionality by a fully secure Web based portal.

Does this mean that those users using the server as the jump point are Domain Admins?!?

Use the Remote Web Workplace to provide the necessary connectivity to SBS domain based workstations.
http://blogs.technet.com/sbs/archive/2006/07/25/443383.aspx
http://blogs.technet.com/sbs/archive/2006/11/03/remote-web-workplace-rww-part-ii-controlling-portal-access.aspx

Philip
0
 

Author Comment

by:FrankU09
ID: 24747359
I'm a new hire and this is the environment I walked into.  I don't know why they are doing it this way.  Maybe because this was a way to get it done; albeit, not the right way.  I will research and suggest it to them. Thank you.  Your suggestion really does look like the proper way to do it.

Until they decide to do it differently, how can I prevent seeing the other user's RDP?
0
 
LVL 38

Expert Comment

by:Philip Elder
ID: 24747445
Since they are ALL domain admins, which means that they are sharing the same priviledges as god, there is no way that I can think of other than in Terminal Services Configuration trying the Limit Users to a Single Session setting.

Philip
0
 

Author Comment

by:FrankU09
ID: 24747519
They are NOT all admins.  They only belong to the remote desktop users and domain users groups.
0
 
LVL 38

Expert Comment

by:Philip Elder
ID: 24747557
Then I am missing something since it sounds like they are connecting to the server first via 3389 then RDP into their desktop?

Philip
0
Optimizing Cloud Backup for Low Bandwidth

With cloud storage prices going down a growing number of SMBs start to use it for backup storage. Unfortunately, business data volume rarely fits the average Internet speed. This article provides an overview of main Internet speed challenges and reveals backup best practices.

 
LVL 3

Assisted Solution

by:LateNiteR
LateNiteR earned 250 total points
ID: 24748289
What makes the MOST sense to me is that in order to view the other user's session, the two of you are logging into the server using the same credentials.  Either both of you are using the same LOCAL login or the SAME Domain-based account (probably an account designated specifically for this purpose) to initally access the server via RDP.

If the other user remotes to his office-desktop but clicks the 'X' to close his/her SERVER session, then logging into the server yourself (using the same login) will naturally still contain his/her RDP session to the desktop.

I've seen this in other smaller offices where the server is the sole entrypoint onto the LAN via VPN.  Users who do not know how to will use this as a means of access their data on the HDs of their office PCs.

Hope this helps.
0
 
LVL 3

Expert Comment

by:LateNiteR
ID: 24748320
...sorry, instead of browsing to the desktop file system via Windows Explorer, accessing a desktop share or making a static mapping to a share on the remote PC connected via VPN.
0
 

Author Comment

by:FrankU09
ID: 24748573
I'm not sure what 3389 is, but they first use RDP to connect to our server from outside of our network, then, once connected to the server, they use RDP to connect to their workstation that is on the domain.  They can't connect directly to their workstations through our firewall. Seems very convoluted to me, but it is what it is--for the moment.
0
 
LVL 38

Expert Comment

by:Philip Elder
ID: 24748643
3389 is the port number used by RDP to listen for incoming calls. TSGrinder put a stop to us doing the same.

Philip
0
 

Author Comment

by:FrankU09
ID: 24748935
It finally clicked...the 3389. Thanks. We are definitely using different logons.  I am using ADMINISTRATOR and he is using his XXX.  It is the most bizarre thing.  The other users don't have this issue.  I may just delete and re-create his user profile.
0

Featured Post

New My Cloud Pro Series - organize everything!

With space to keep virtually everything, the My Cloud Pro Series offers your team the network storage to edit, save and share production files from anywhere with an internet connection. Compatible with both Mac and PC, you're able to protect your content regardless of OS.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

I've often see, or have been asked, the question about the difference between the Exchange 2010 SP1 version, available as part of Small Business Server (SBS) 2011, and the “normal” Exchange 2010 SP1 Standard. The answer to the question is relativ…
I work for a company that primarily works with small businesses as their outsourced IT vendor. As such the majority of these customers utilize some version of Small Business Server. Due to the economics of running a small business, many of these cus…
A company’s greatest vulnerability is their email. CEO fraud, ransomware and spear phishing attacks are the no1 threat to a company’s security. Cybercrime is responsible for the largest loss of money to companies today with losses projected to r…
Send secure, cloud-based, encrypted alerts and maintain HIPAA compliant messaging. Integrates priority & secure messaging into one application. Ensures IT, emergency respondents and healthcare professionals that their critical messages are never mis…

911 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now