Link to home
Start Free TrialLog in
Avatar of kubiaco
kubiaco

asked on

Allow Remote App but dis-allow Remote Desktop

Hello Professionals,

I currently publish a handfull of apps via Terminal Services RemoteApp in Win2008 server. Of course, the more enterprising users quickly discover they can also access the desktop via remote desktop as well. Though I know how to restrict them to certain apps once on the dektop itself, I would rather disallow direct desktop access while still allowing them to access only the published applicaitons.

Is this possible either in the OS or 3rd party app?

Thank you for your time.
Avatar of TechnicallyMaybe
TechnicallyMaybe
Flag of United States of America image

There isn't an "officially sanctioned" way to do this because, fundamentally, TS RemoteApp functionality is just leveraging existing Remote Desktop code. You could do something silly like use Group Policy to set the user's shell to be "logoff.exe" such that if they attempted to access the machine's desktop they'd be immediately logged-off. Any application that uses a common "File / Open" dialog, though, can be used to get a command prompt or other programs open on the server's desktop.
Avatar of kubiaco
kubiaco

ASKER

Thank you for the reply. I have seen this suggestion as well and thought about giving it a shot but first wanted to see if there was a bona fide config change that I could make to disallow the desktop access.
ASKER CERTIFIED SOLUTION
Avatar of kubiaco
kubiaco

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of kubiaco

ASKER

Came up with alternate solution