Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Terminal Services in Windows server 2003

Posted on 2009-07-16
7
Medium Priority
?
187 Views
Last Modified: 2013-11-21
I want to gave access to few of our employee terminal access to one of our server but only to a one particular application.
its windows server 2003 R2 Enterprise Edition (Service Pack 1)
not sure how can we do it.
any information will be highly appreciated.
0
Comment
Question by:amitbhardwaj100
  • 3
  • 3
6 Comments
 
LVL 2

Assisted Solution

by:acronyms
acronyms earned 1500 total points
ID: 24871056
You can specify that an application is run on start of the Terminal Server Session.

You can do this for the user or for the Terminal Server.

The User is done through the Environment Tab in AD and the Terminal Server itself is done through Terminal Server Management on the server itself.

If you want specifics post back and I will explain exactly how to do it but it it is pretty self explanatory.

Hope this helps.

Regards
0
 
LVL 1

Author Comment

by:amitbhardwaj100
ID: 24871273
Thanx for the quick reply but the information that you provided to run the particular application on logon but my main concern is to provide the access to only one  application and prohibit everything else. I dont want them to access any thing else on that server and I want my self to access everything through terminal services.
0
 
LVL 2

Assisted Solution

by:acronyms
acronyms earned 1500 total points
ID: 24871642
I may have misread or misunderstood the question. As I read it the application is on the Server and it will run through Terminal Services on that server. You want the users to have access and run that application and restrict any other access. You want full control to administer the server.

You can use Group Policy to allow only certain .exes to be run therefore anything else would get the standard response of "Administrator Disallowed this application"

In conjunction with the logon application previously mentioned this will work well. I have used this method to only allow certain apps. As for yourself make sure you deny access to the Group Policy Object then it will not affect you.

To limit user who can access this use a Security group and allow only that group to logon through terminal services.

If you want anything expanding please feel free to ask.

Regards

0
Free learning courses: Active Directory Deep Dive

Get a firm grasp on your IT environment when you learn Active Directory best practices with Veeam! Watch all, or choose any amount, of this three-part webinar series to improve your skills. From the basics to virtualization and backup, we got you covered.

 
LVL 1

Author Comment

by:amitbhardwaj100
ID: 24871901
Thanx for the reply again.
but can you please explain how can I block everything with Group policy except one particular application. I also want the system to log off the client if they close that particular application. is it possible?

0
 
LVL 2

Accepted Solution

by:
acronyms earned 1500 total points
ID: 24872181
The only way to log the user off is by using the run application when user starts the Terminal Server Session. When they close that opp it automatically logs them off.

The Group Policy is

User Configuration - Administrative Templates - System

Under the system tab on the right hand pane you will have the "Run Only Allowed Windows Applications"

Open this and define only the name of the Application. You may have to name a few more if your app calls upon other apps to run properly. Trial and error in the sand box I am afraid.

Hope this helps.

0
 
LVL 1

Author Closing Comment

by:amitbhardwaj100
ID: 31604316
The Best way to provide the access to one particular application to user through terminal services is first of all install the terminal services in a application mode and then install the application through control panel, Add New Program. and then provide the access  to that person  to that application only
0

Featured Post

[Webinar] Cloud and Mobile-First Strategy

Maybe you’ve fully adopted the cloud since the beginning. Or maybe you started with on-prem resources but are pursuing a “cloud and mobile first” strategy. Getting to that end state has its challenges. Discover how to build out a 100% cloud and mobile IT strategy in this webinar.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
This article provides a convenient collection of links to Microsoft provided Security Patches for operating systems that have reached their End of Life support cycle. Included operating systems covered by this article are Windows XP,  Windows Server…
This video shows how to quickly and easily deploy an email signature for all users in Office 365 and prevent it from being added to replies and forwards. (the resulting signature is applied on the server level in Exchange Online) The email signat…
Is your data getting by on basic protection measures? In today’s climate of debilitating malware and ransomware—like WannaCry—that may not be enough. You need to establish more than basics, like a recovery plan that protects both data and endpoints.…

773 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question