Solved

Terminal Services in Windows server 2003

Posted on 2009-07-16
7
183 Views
Last Modified: 2013-11-21
I want to gave access to few of our employee terminal access to one of our server but only to a one particular application.
its windows server 2003 R2 Enterprise Edition (Service Pack 1)
not sure how can we do it.
any information will be highly appreciated.
0
Comment
Question by:amitbhardwaj100
  • 3
  • 3
7 Comments
 
LVL 2

Assisted Solution

by:acronyms
acronyms earned 500 total points
ID: 24871056
You can specify that an application is run on start of the Terminal Server Session.

You can do this for the user or for the Terminal Server.

The User is done through the Environment Tab in AD and the Terminal Server itself is done through Terminal Server Management on the server itself.

If you want specifics post back and I will explain exactly how to do it but it it is pretty self explanatory.

Hope this helps.

Regards
0
 
LVL 1

Author Comment

by:amitbhardwaj100
ID: 24871273
Thanx for the quick reply but the information that you provided to run the particular application on logon but my main concern is to provide the access to only one  application and prohibit everything else. I dont want them to access any thing else on that server and I want my self to access everything through terminal services.
0
 
LVL 2

Assisted Solution

by:acronyms
acronyms earned 500 total points
ID: 24871642
I may have misread or misunderstood the question. As I read it the application is on the Server and it will run through Terminal Services on that server. You want the users to have access and run that application and restrict any other access. You want full control to administer the server.

You can use Group Policy to allow only certain .exes to be run therefore anything else would get the standard response of "Administrator Disallowed this application"

In conjunction with the logon application previously mentioned this will work well. I have used this method to only allow certain apps. As for yourself make sure you deny access to the Group Policy Object then it will not affect you.

To limit user who can access this use a Security group and allow only that group to logon through terminal services.

If you want anything expanding please feel free to ask.

Regards

0
Complete VMware vSphere® ESX(i) & Hyper-V Backup

Capture your entire system, including the host, with patented disk imaging integrated with VMware VADP / Microsoft VSS and RCT. RTOs is as low as 15 seconds with Acronis Active Restore™. You can enjoy unlimited P2V/V2V migrations from any source (even from a different hypervisor)

 
LVL 1

Author Comment

by:amitbhardwaj100
ID: 24871901
Thanx for the reply again.
but can you please explain how can I block everything with Group policy except one particular application. I also want the system to log off the client if they close that particular application. is it possible?

0
 
LVL 2

Accepted Solution

by:
acronyms earned 500 total points
ID: 24872181
The only way to log the user off is by using the run application when user starts the Terminal Server Session. When they close that opp it automatically logs them off.

The Group Policy is

User Configuration - Administrative Templates - System

Under the system tab on the right hand pane you will have the "Run Only Allowed Windows Applications"

Open this and define only the name of the Application. You may have to name a few more if your app calls upon other apps to run properly. Trial and error in the sand box I am afraid.

Hope this helps.

0
 
LVL 1

Author Closing Comment

by:amitbhardwaj100
ID: 31604316
The Best way to provide the access to one particular application to user through terminal services is first of all install the terminal services in a application mode and then install the application through control panel, Add New Program. and then provide the access  to that person  to that application only
0

Featured Post

Optimizing Cloud Backup for Low Bandwidth

With cloud storage prices going down a growing number of SMBs start to use it for backup storage. Unfortunately, business data volume rarely fits the average Internet speed. This article provides an overview of main Internet speed challenges and reveals backup best practices.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I've always wanted to allow a user to have a printer no matter where they login. The steps below will show you how to achieve just that. In this Article I'll show how to deploy printers automatically with group policy and then using security fil…
Have you considered what group policies are backwards and forwards compatible? Windows Active Directory servers and clients use group policy templates to deploy sets of policies within your domain. But, there is a catch to deploying policies. The…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
Although Jacob Bernoulli (1654-1705) has been credited as the creator of "Binomial Distribution Table", Gottfried Leibniz (1646-1716) did his dissertation on the subject in 1666; Leibniz you may recall is the co-inventor of "Calculus" and beat Isaac…

830 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question