How do I set up users to log directly into the RDS session with no local control on their computers?

I just set up a Windows Server 2008 R2 server and WEB RDS which works great.  But I have about 15 local users who are on old XP systems which I can't replace right now, so I though If I have them log directly to the RDS with the applications I want to make available to them this could eliminate a purchasing 15 new pc's right now.
Who is Participating?
Jakob DigranesConnect With a Mentor Senior ConsultantCommented:
Yes ...
When i comes to locking down the workstation - you would have to decide yourself what actions to take, but here's a walk through to get you started.

Create an OU for the computers you want to lock down
Create a new Group Policy and link it to the OU you hust created
Go to user configuration and Administrative Templates and look at the things you can configure here.
Just walk through every single item (You'll learn quite a bit doing it this way) and enable what you want.
- Hide My computer - enabled
- exclud access to task manager
- run only following programs
- hide local drives
etc ...

Was this something to get you going or shall I dig up a webpage or doc to show this in more detail?
There's no 100% correct or incorrect way to configure this, the configured settings change depending on your needs ...
Jakob DigranesSenior ConsultantCommented:
do you mean that you want them to have no control over local machines and go straight into RDS?
You could lock down their local machines through GPO (let me know if you need help with this) and only have RDS available on startup, either start automatically or as only icon on desktop
SurengoelAuthor Commented:
Yes, no control over their desktop and go straight into RDS - and yes need help with local machine lock down - only have RDS available on start up automatically.
Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

SurengoelAuthor Commented:

Are you still commenting on this one?
SurengoelAuthor Commented:
Thanks a ton that's enough I got it from here, how about when they boot up and log-in they are in the terminal session, will that show up in the Admin template?
Jakob DigranesSenior ConsultantCommented:
Depending on your OU structure. As long as TS-server is not in that OU - they should be fine within RDP
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.