Solved

Remote Desktop TS

Posted on 2011-02-24
10
419 Views
Last Modified: 2012-05-11
Hi all

I'm fairly new to Terminal Server/Remote Desktop so need some assistance.
Our company is thinking of moving over to Terminal Services for most of our users. We would use a Thin Client to connect our users to the Server.
Is there a way I could configure a base desktop that could be used by the users? Then also configure this desktop to only allow certain menu options be available in the terminal session?
0
Comment
Question by:DJMohr
  • 4
  • 4
  • 2
10 Comments
 
LVL 11

Accepted Solution

by:
MichaelVH earned 250 total points
ID: 34968705
Hi there!

What you try to do is perfectly possible.

Depending on what you are looking for, you could for instance use "thin clients" (Wyse does offer some good ones) to directly "boot" into a Terminal Server session.
You can control what these users can do in their session by using GPO's. These GPO's are often used to "lock down" a terminal server.

The latter is certainly something you SHOULD do.

Grts,

Michael
0
 
LVL 1

Author Comment

by:DJMohr
ID: 34968771
Great!

We have a test Thin Client; it's a HP t5565; that should be fine as well right?

So; I would control everything via GPO then; no need to do weird configs?
0
 
LVL 11

Expert Comment

by:MichaelVH
ID: 34969064
No,

no "weird" configs. GPO's really allow you to control quite a lot of things. Take a look here for more information:
http://www.brianmadden.com/blogs/brianmadden/archive/2008/07/11/how-do-you-lock-down-a-terminal-server.aspx

a HP's thin client should be fine, indeed.
0
 
LVL 1

Author Comment

by:DJMohr
ID: 34969244
Cool will have a look at the link.
I take I'd have to create a new GPO solely for Terminal services?
0
 
LVL 11

Expert Comment

by:MichaelVH
ID: 34969492
That's what I'd suggest. Create a lockdown GPO and assign that GPO to the OU of your Terminal Servers
0
Find Ransomware Secrets With All-Source Analysis

Ransomware has become a major concern for organizations; its prevalence has grown due to past successes achieved by threat actors. While each ransomware variant is different, we’ve seen some common tactics and trends used among the authors of the malware.

 
LVL 13

Assisted Solution

by:upalakshitha
upalakshitha earned 250 total points
ID: 34971665
0
 
LVL 1

Author Comment

by:DJMohr
ID: 34977826
Ok, all is going smoothly so far. Thanks for the links upalakshitha, some stuff there that I have been looking for.

Ok, so create a GPO for my terminal users and put some restrictive settings in place which is all good.

One other thing I'm having some trouble with is the user profiles. The default location is as you know C:\Users but i would like to move these profiles to another drive. I have configured the user profile in ADUC to point to \\servername\Share\%username%, this was done under terminal services profile and Profile but it keeps creating a temp profile when I log in. How can I get past this? Or is it a setting in the GPO i need to configure?
0
 
LVL 11

Expert Comment

by:MichaelVH
ID: 34978370
0
 
LVL 13

Expert Comment

by:upalakshitha
ID: 34979777
will not  it effect for performance if you move profile to \\servername  ?

 you can do it with GPO
 http://technet.microsoft.com/en-us/library/cc770884(WS.10).aspx
 http://technet.microsoft.com/en-us/library/cc753697(WS.10).aspx
0
 
LVL 1

Author Closing Comment

by:DJMohr
ID: 35092247
Thanks guys, our first test ran quite well, so now we are moving into a full test phase with mulitple users.
0

Featured Post

Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

Join & Write a Comment

Suggested Solutions

Let’s list some of the technologies that enable smooth teleworking. 
A safe way to clean winsxs folder from your windows server 2008 R2 editions
This tutorial will give a an overview on how to deploy remote agents in Backup Exec 2012 to new servers. Click on the Backup Exec button in the upper left corner. From here, are global settings for the application such as connecting to a remote Back…
To efficiently enable the rotation of USB drives for backups, storage pools need to be created. This way no matter which USB drive is installed, the backups will successfully write without any administrative intervention. Multiple USB devices need t…

707 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now