[Last Call] Learn how to a build a cloud-first strategyRegister Now


How do I set up users to log directly into the RDS session with no local control on their computers?

Posted on 2009-12-28
Medium Priority
Last Modified: 2013-12-22
I just set up a Windows Server 2008 R2 server and WEB RDS which works great.  But I have about 15 local users who are on old XP systems which I can't replace right now, so I though If I have them log directly to the RDS with the applications I want to make available to them this could eliminate a purchasing 15 new pc's right now.
Question by:Surengoel
  • 3
  • 3
LVL 22

Expert Comment

by:Jakob Digranes
ID: 26132925
do you mean that you want them to have no control over local machines and go straight into RDS?
You could lock down their local machines through GPO (let me know if you need help with this) and only have RDS available on startup, either start automatically or as only icon on desktop

Author Comment

ID: 26133653
Yes, no control over their desktop and go straight into RDS - and yes need help with local machine lock down - only have RDS available on start up automatically.

Author Comment

ID: 26140372

Are you still commenting on this one?
Making Bulk Changes to Active Directory

Watch this video to see how easy it is to make mass changes to Active Directory from an external text file without using complicated scripts.

LVL 22

Accepted Solution

Jakob Digranes earned 2000 total points
ID: 26140880
Yes ...
When i comes to locking down the workstation - you would have to decide yourself what actions to take, but here's a walk through to get you started.

Create an OU for the computers you want to lock down
Create a new Group Policy and link it to the OU you hust created
Go to user configuration and Administrative Templates and look at the things you can configure here.
Just walk through every single item (You'll learn quite a bit doing it this way) and enable what you want.
- Hide My computer - enabled
- exclud access to task manager
- run only following programs
- hide local drives
etc ...

Was this something to get you going or shall I dig up a webpage or doc to show this in more detail?
There's no 100% correct or incorrect way to configure this, the configured settings change depending on your needs ...

Author Comment

ID: 26141362
Thanks a ton that's enough I got it from here, how about when they boot up and log-in they are in the terminal session, will that show up in the Admin template?
LVL 22

Expert Comment

by:Jakob Digranes
ID: 26164871
Depending on your OU structure. As long as TS-server is not in that OU - they should be fine within RDP

Featured Post

Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

After seeing many questions for JRNL_WRAP_ERROR for replication failure, I thought it would be useful to write this article.
Unable to change the program that handles the scan event from a network attached Canon/Brother printer/scanner. This means you'll always have to choose which program handles this action, e.g. ControlCenter4 (in the case of a Brother).
This is used to tweak the memory usage for your computer, it is used for servers more so than workstations but just be careful editing registry settings as it may cause irreversible results. I hold no responsibility for anything you do to the regist…
Finding and deleting duplicate (picture) files can be a time consuming task. My wife and I, our three kids and their families all share one dilemma: Managing our pictures. Between desktops, laptops, phones, tablets, and cameras; over the last decade…

834 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question