Solved

Keeping Users from Remoting into a Server

Posted on 2011-03-18
3
341 Views
Last Modified: 2013-11-21
We have a server 2008 file-server to house users documents.  Today as I was checking the server I noticed a user was logged in.  I checked their account and they do not have remote desktop priveledges.  We also have a Citrix Xen App server that this user has access to as well.  They can get a Xen App desktop.  Is this what is allowing this user to remote into the file server?
What can I do to make domain users not able to log into a server?
0
Comment
Question by:maximus7569
3 Comments
 
LVL 3

Accepted Solution

by:
fireline1082 earned 250 total points
ID: 35167978
You can do it from group policy.
From Ad users and computers, move  the server object to a dedicated OU let's say File Servers OU.
Then create new GPO and link it to File servers OU.

In the GPO, go to security> user right assignment ; then setup allow login locally right with the only accounts that will have access to this server like domain admins..etc
0
 

Author Comment

by:maximus7569
ID: 35169284
Ok I will try that and let you know.
0
 
LVL 17

Assisted Solution

by:Spike99
Spike99 earned 250 total points
ID: 35182177
I would also look at the local Remote Desktop Users group on the terminal server itself.  By default, I believe only Admins will have remote access to a terminal server: all other users or groups have to added manually to that local Remote Desktop Users group to gain access.  By default, the RD Users group is empty.

If either the Domain Users group or the Authenticated Users groups is in that local RD Users group, that would explain how the user was able to log on.

I hope this helps,

Alicia
0

Featured Post

Best Practices: Disaster Recovery Testing

Besides backup, any IT division should have a disaster recovery plan. You will find a few tips below relating to the development of such a plan and to what issues one should pay special attention in the course of backup planning.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Problem Description: Actually I found the below issue with some customers after migration from SMS 2003 to SCCM 2007 and epically if they change site code, some clients may appear in the console with old site code, plus old sites still appearing …
This is my 3rd article on SCCM in recent weeks, the 1st (http://www.experts-exchange.com/OS/Microsoft_Operating_Systems/Server/Windows_Server_2008/A_4466-A-beginners-guide-to-installing-SCCM2007-on-Windows-2008-R2-Server.html) dealing with installat…
Although Jacob Bernoulli (1654-1705) has been credited as the creator of "Binomial Distribution Table", Gottfried Leibniz (1646-1716) did his dissertation on the subject in 1666; Leibniz you may recall is the co-inventor of "Calculus" and beat Isaac…

860 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question