Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium


Block remote desktop

Posted on 2010-01-05
Medium Priority
Last Modified: 2013-11-30

Is there a way we can block the remote desktop application through group policy?

I dont want to block connections to computer just users being able to use rdp ...

Question by:stairpotato
LVL 13

Accepted Solution

Springy555 earned 1000 total points
ID: 26179727
There is.

For your group policy, go to:

User Configuration --> Administrative Templates -> System --> Don't run specified windows applications.

Enable this and add mstsc.exe

Expert Comment

ID: 26179737
go start administrative tools and open terminal service configuration and click connection from right side click RDC-Tcp and propertoes  then choose Remote Control and hack (Do not allow remote control).

Expert Comment

ID: 26179752

Assisted Solution

jasonbird earned 1000 total points
ID: 26179859
Hi Stairpotato

Go with Springy's answer. The other two options will not help you as they relate directly to blocking remote desktop to the machine itself, something which you explained you still wanted enabled.
By blocking the application itself you will stop the user's ability to run the Terminal Services application, whilst still allowing administrators to access any of the machines themselves.
Depending on how used to Group Policies you are, I would first of all though, create a new Organisation Unit. Then right click on this, select Properties, and edit the Default Group Policy

"User Configuration --> Administrative Templates -> System --> Don't run specified windows applications.

Enable this and add mstsc.exe"

Then move a couiple of machines into the new Organisational Unit and restart them, this way you can test the changes before making the change to all machines in the default OU, or you can move all the machines you want to protect into the new Group.

LVL 10

Expert Comment

ID: 26179862
To use the computer's local group policy to disable Remote Desktop: Click Start, click Run, type gpedit.msc, and then click OK. In the Group Policy editor, click to expand Computer Configuration, click to expand Administrative Templates, click to expand Windows Components, and then click to expand Terminal Services. Double-click the Allow users to connect remotely using Terminal Services policy. Set the policy to Enabled, and then click OK.
You can also use the following procedure to disable Remote Desktop; however, if you use the preceding procedure, the following configuration is overridden: Right-click My Computer and click Properties. Click the Remote tab. In the Remote Desktop section, click to clear Allow users to connect remotely to this computer, and then click OK.
NOTE: Remote Desktop is disabled by default on Windows XP Professional.

Featured Post

Keep up with what's happening at Experts Exchange!

Sign up to receive Decoded, a new monthly digest with product updates, feature release info, continuing education opportunities, and more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

While rebooting windows server 2003 server , it's showing "active directory rebuilding indices please wait" at startup. It took a little while for this process to complete and once we logged on not all the services were started so another reboot is …
This article provides a convenient collection of links to Microsoft provided Security Patches for operating systems that have reached their End of Life support cycle. Included operating systems covered by this article are Windows XP,  Windows Server…
This Micro Tutorial will teach you how to add a cinematic look to any film or video out there. There are very few simple steps that you will follow to do so. This will be demonstrated using Adobe Premiere Pro CS6.
How to install and configure Citrix XenApp 6.5 - Part 1. In this video tutorial we have explained step by step installation of Citrix XenApp 6.5 Server on Windows Server 2008 R2 is explained in this video. We have explained the difference between…

569 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question