Solved

Keeping Users from Remoting into a Server

Posted on 2011-03-18
3
342 Views
Last Modified: 2013-11-21
We have a server 2008 file-server to house users documents.  Today as I was checking the server I noticed a user was logged in.  I checked their account and they do not have remote desktop priveledges.  We also have a Citrix Xen App server that this user has access to as well.  They can get a Xen App desktop.  Is this what is allowing this user to remote into the file server?
What can I do to make domain users not able to log into a server?
0
Comment
Question by:maximus7569
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 3

Accepted Solution

by:
fireline1082 earned 250 total points
ID: 35167978
You can do it from group policy.
From Ad users and computers, move  the server object to a dedicated OU let's say File Servers OU.
Then create new GPO and link it to File servers OU.

In the GPO, go to security> user right assignment ; then setup allow login locally right with the only accounts that will have access to this server like domain admins..etc
0
 

Author Comment

by:maximus7569
ID: 35169284
Ok I will try that and let you know.
0
 
LVL 17

Assisted Solution

by:Spike99
Spike99 earned 250 total points
ID: 35182177
I would also look at the local Remote Desktop Users group on the terminal server itself.  By default, I believe only Admins will have remote access to a terminal server: all other users or groups have to added manually to that local Remote Desktop Users group to gain access.  By default, the RD Users group is empty.

If either the Domain Users group or the Authenticated Users groups is in that local RD Users group, that would explain how the user was able to log on.

I hope this helps,

Alicia
0

Featured Post

The Eight Noble Truths of Backup and Recovery

How can IT departments tackle the challenges of a Big Data world? This white paper provides a roadmap to success and helps companies ensure that all their data is safe and secure, no matter if it resides on-premise with physical or virtual machines or in the cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Case Summary: In this Article we introduce the new method to configure the default user profile using Automated profile copy with sysprep rather than the old ways such as the manual copy of a configured profile to default user profile Old meth…
This is my 3rd article on SCCM in recent weeks, the 1st (http://www.experts-exchange.com/OS/Microsoft_Operating_Systems/Server/Windows_Server_2008/A_4466-A-beginners-guide-to-installing-SCCM2007-on-Windows-2008-R2-Server.html) dealing with installat…
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an antispam), the admini…

733 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question