Solved

Terminal Services in Windows server 2003

Posted on 2009-07-16
7
175 Views
Last Modified: 2013-11-21
I want to gave access to few of our employee terminal access to one of our server but only to a one particular application.
its windows server 2003 R2 Enterprise Edition (Service Pack 1)
not sure how can we do it.
any information will be highly appreciated.
0
Comment
Question by:amitbhardwaj100
  • 3
  • 3
7 Comments
 
LVL 2

Assisted Solution

by:acronyms
acronyms earned 500 total points
ID: 24871056
You can specify that an application is run on start of the Terminal Server Session.

You can do this for the user or for the Terminal Server.

The User is done through the Environment Tab in AD and the Terminal Server itself is done through Terminal Server Management on the server itself.

If you want specifics post back and I will explain exactly how to do it but it it is pretty self explanatory.

Hope this helps.

Regards
0
 
LVL 1

Author Comment

by:amitbhardwaj100
ID: 24871273
Thanx for the quick reply but the information that you provided to run the particular application on logon but my main concern is to provide the access to only one  application and prohibit everything else. I dont want them to access any thing else on that server and I want my self to access everything through terminal services.
0
 
LVL 2

Assisted Solution

by:acronyms
acronyms earned 500 total points
ID: 24871642
I may have misread or misunderstood the question. As I read it the application is on the Server and it will run through Terminal Services on that server. You want the users to have access and run that application and restrict any other access. You want full control to administer the server.

You can use Group Policy to allow only certain .exes to be run therefore anything else would get the standard response of "Administrator Disallowed this application"

In conjunction with the logon application previously mentioned this will work well. I have used this method to only allow certain apps. As for yourself make sure you deny access to the Group Policy Object then it will not affect you.

To limit user who can access this use a Security group and allow only that group to logon through terminal services.

If you want anything expanding please feel free to ask.

Regards

0
How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

 
LVL 1

Author Comment

by:amitbhardwaj100
ID: 24871901
Thanx for the reply again.
but can you please explain how can I block everything with Group policy except one particular application. I also want the system to log off the client if they close that particular application. is it possible?

0
 
LVL 2

Accepted Solution

by:
acronyms earned 500 total points
ID: 24872181
The only way to log the user off is by using the run application when user starts the Terminal Server Session. When they close that opp it automatically logs them off.

The Group Policy is

User Configuration - Administrative Templates - System

Under the system tab on the right hand pane you will have the "Run Only Allowed Windows Applications"

Open this and define only the name of the Application. You may have to name a few more if your app calls upon other apps to run properly. Trial and error in the sand box I am afraid.

Hope this helps.

0
 
LVL 1

Author Closing Comment

by:amitbhardwaj100
ID: 31604316
The Best way to provide the access to one particular application to user through terminal services is first of all install the terminal services in a application mode and then install the application through control panel, Add New Program. and then provide the access  to that person  to that application only
0

Featured Post

Too many email signature updates to deal with?

Do you feel like you are taking up all of your time constantly visiting users’ desks to make changes to email signatures? Wish you could manage all signatures from one central location, easily design them and deploy them quickly to users? Well, there is an easy way!

Join & Write a Comment

Suggested Solutions

My previous article  (http://www.experts-exchange.com/OS/Microsoft_Operating_Systems/Server/Windows_Server_2008/A_4466-A-beginners-guide-to-installing-SCCM2007-on-Windows-2008-R2-Server.html)detailed one possible method to get SCCM 2007 installed an…
This is my 3rd article on SCCM in recent weeks, the 1st (http://www.experts-exchange.com/OS/Microsoft_Operating_Systems/Server/Windows_Server_2008/A_4466-A-beginners-guide-to-installing-SCCM2007-on-Windows-2008-R2-Server.html) dealing with installat…
It is a freely distributed piece of software for such tasks as photo retouching, image composition and image authoring. It works on many operating systems, in many languages.
Illustrator's Shape Builder tool will let you combine shapes visually and interactively. This video shows the Mac version, but the tool works the same way in Windows. To follow along with this video, you can draw your own shapes or download the file…

747 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now