Is it possible to limit RDP sessions without making the server a Terminal Server

Is it possible to limit RDP sessions without making the server a Terminal Server?  Running 2003 standard.  The server has custom software installed on it and the person that did this is long gone.  He gave the users access to the server console with RDP.  I do not think it is possible to limit the admin RDP session without making the server a terminal server, but I thought I would ask.
asrvwizAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

md624Commented:
Login an administrator to the console session. Lock the console session. This will deny access to the console session for other users.

http://www.experts-exchange.com/OS/Microsoft_Operating_Systems/Q_26409405.html

You must first disable remote logoff of an administrator, though.

http://www.raseley.com/2009/04/21/deny-logoff-of-an-administrator-logged-in-to-the-console-session/
saastechCommented:
I believe you can do you this. Look at the permission properties window of the RDP.  I have not managed Windows 2003 in awhile but if you can do it in Windows 2008 and Windows 7, i dont see why it may not be there for Windows 2003.

Good Luck.
c0sCommented:
The maximum is 2 sessions, what you can do is force log off after a specific amount of time for idle connections. this can be done through group policy
Big Business Goals? Which KPIs Will Help You

The most successful MSPs rely on metrics – known as key performance indicators (KPIs) – for making informed decisions that help their businesses thrive, rather than just survive. This eBook provides an overview of the most important KPIs used by top MSPs.

asrvwizAuthor Commented:
Not sure if I am confused or I did not explain it correctly.  I want the user to be able to RDP BUT limit them to only what I want them to see.  IE:  launch explorer and only present them with the icons in that folder, without giving them a desktop.
c0sCommented:
I dont believe windows can do that by default without additional software
asrvwizAuthor Commented:
I believe you must take the server out of remote admin mode and install the terminal server option in add/remove programs, but I was not 100% certain.
md624Commented:
If you want remote file access to the server, why not just create a share for users to navigate from the network? Even with Terminal Services installed, you will not be able to tightly control the UI. This would require something like Citrix.
nappy_dThere are a 1000 ways to skin the technology cat.Commented:
You CAN do it with Citrix but you need to have Active Directory to enforce group policy objects by users and/or groups.
asrvwizAuthor Commented:
The user needs access to a program on the server, and possibly printers.  I have another terminal server that presents an application to the users and that is all the users have access too.
c0sCommented:
i am guessing you are ussing some kind of software to accomplish that, try to find out what is the software in use and use the same on your new server
nappy_dThere are a 1000 ways to skin the technology cat.Commented:
And is that other terminal server part of Active Directory?
asrvwizAuthor Commented:
Yes the other server is part of AD.
nappy_dThere are a 1000 ways to skin the technology cat.Commented:
Then my previous comment stands. You require AD to configure this server. Are both servers part of the same company?
asrvwizAuthor Commented:
Nappy_d,

All I want to accomplish is to allow the user to RDP to the server and have the server present an application.  I am currently doing this on another server.  The other server is in remote admin mode.  I believe I must install terminal services to accomplish this?
nappy_dThere are a 1000 ways to skin the technology cat.Commented:
I understand what you want to accomplish.  But it is all happens with GPOs and AD.  If you do it on a stand alone terminal server without AD present, you will lock ALL users out with the same forced settings, including the administrator.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
asrvwizAuthor Commented:
OK Nappy_d Where do I start with this?
asrvwizAuthor Commented:
Nappy_d,

I have decided to put the server into terminal services mode.  The vendor of the software package says it should work in terminal services mode.
nappy_dThere are a 1000 ways to skin the technology cat.Commented:
Great!  Do you know how to add your Server to the TS licensing server?
asrvwizAuthor Commented:
Yes, I have another one running.
nappy_dThere are a 1000 ways to skin the technology cat.Commented:
anything else I can help you with?
asrvwizAuthor Commented:
Nappy_d,

Yes!!!   I have put the server in TS mode and it works as designed.  When I set an papplication to run it presents just the app, no desktop.  What I need to do is present windows explorer, with a specific folder that I have shortcuts in.  When I try to do this I get a full desktop.
asrvwizAuthor Commented:
I got it to work with some html, and launching iexplore
nappy_dThere are a 1000 ways to skin the technology cat.Commented:
Cool. You can also try calling this "explorer.exe <drive>:\path to folder"
asrvwizAuthor Commented:
Nappy_d

Explorer will not work, because it is the desktop.   As soon as you call explorer you get a desktop.
asrvwizAuthor Commented:
The user needed to launch multiple applications.  I accomplished this by creating an html file, and launching internet explorer, with hyperlinks to all the applications.  I used GP preferences to deliver shortcuts to the user’s desktops for the file access to the server, thus taking the need for access to windows explorer out of the mix.  I got a break because one of the applications opened the printers.  Not sure how to accomplish that without the vendor doing it, without a desktop.
nappy_dThere are a 1000 ways to skin the technology cat.Commented:
Take a look at www.2x.com.   This is lower cost competitor to Citrix and appliction presentation.  it also allows for printing.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
VMware

From novice to tech pro — start learning today.