Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Terminal Services in Windows server 2003

Posted on 2009-07-16
7
Medium Priority
?
186 Views
Last Modified: 2013-11-21
I want to gave access to few of our employee terminal access to one of our server but only to a one particular application.
its windows server 2003 R2 Enterprise Edition (Service Pack 1)
not sure how can we do it.
any information will be highly appreciated.
0
Comment
Question by:amitbhardwaj100
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
7 Comments
 
LVL 2

Assisted Solution

by:acronyms
acronyms earned 1500 total points
ID: 24871056
You can specify that an application is run on start of the Terminal Server Session.

You can do this for the user or for the Terminal Server.

The User is done through the Environment Tab in AD and the Terminal Server itself is done through Terminal Server Management on the server itself.

If you want specifics post back and I will explain exactly how to do it but it it is pretty self explanatory.

Hope this helps.

Regards
0
 
LVL 1

Author Comment

by:amitbhardwaj100
ID: 24871273
Thanx for the quick reply but the information that you provided to run the particular application on logon but my main concern is to provide the access to only one  application and prohibit everything else. I dont want them to access any thing else on that server and I want my self to access everything through terminal services.
0
 
LVL 2

Assisted Solution

by:acronyms
acronyms earned 1500 total points
ID: 24871642
I may have misread or misunderstood the question. As I read it the application is on the Server and it will run through Terminal Services on that server. You want the users to have access and run that application and restrict any other access. You want full control to administer the server.

You can use Group Policy to allow only certain .exes to be run therefore anything else would get the standard response of "Administrator Disallowed this application"

In conjunction with the logon application previously mentioned this will work well. I have used this method to only allow certain apps. As for yourself make sure you deny access to the Group Policy Object then it will not affect you.

To limit user who can access this use a Security group and allow only that group to logon through terminal services.

If you want anything expanding please feel free to ask.

Regards

0
Get your Conversational Ransomware Defense e‑book

This e-book gives you an insight into the ransomware threat and reviews the fundamentals of top-notch ransomware preparedness and recovery. To help you protect yourself and your organization. The initial infection may be inevitable, so the best protection is to be fully prepared.

 
LVL 1

Author Comment

by:amitbhardwaj100
ID: 24871901
Thanx for the reply again.
but can you please explain how can I block everything with Group policy except one particular application. I also want the system to log off the client if they close that particular application. is it possible?

0
 
LVL 2

Accepted Solution

by:
acronyms earned 1500 total points
ID: 24872181
The only way to log the user off is by using the run application when user starts the Terminal Server Session. When they close that opp it automatically logs them off.

The Group Policy is

User Configuration - Administrative Templates - System

Under the system tab on the right hand pane you will have the "Run Only Allowed Windows Applications"

Open this and define only the name of the Application. You may have to name a few more if your app calls upon other apps to run properly. Trial and error in the sand box I am afraid.

Hope this helps.

0
 
LVL 1

Author Closing Comment

by:amitbhardwaj100
ID: 31604316
The Best way to provide the access to one particular application to user through terminal services is first of all install the terminal services in a application mode and then install the application through control panel, Add New Program. and then provide the access  to that person  to that application only
0

Featured Post

Office 365 Training for Admins - 7 Day Trial

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Welcome to my series of short tips on migrations. Whilst based on Microsoft migrations the same principles can be applied to any type of migration. My first tip is around source server preparation. No migration is an easy migration, there is a…
Welcome to my series of short tips on migrations. Whilst based on Microsoft migrations the same principles can be applied to any type of migration. My first tip Migration Tip #1 – Source Server Health can be found listed in my profile here: http:…
In this video you will find out how to export Office 365 mailboxes using the built in eDiscovery tool. Bear in mind that although this method might be useful in some cases, using PST files as Office 365 backup is troublesome in a long run (more on t…
How to fix incompatible JVM issue while installing Eclipse While installing Eclipse in windows, got one error like above and unable to proceed with the installation. This video describes how to successfully install Eclipse. How to solve incompa…
Suggested Courses

715 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question