This is the plan:
Users authenticate using their domain credentials over RRAS.
They use RDP to connect to their workstation - they know the internal DNS name of that workstation.
Is it possible to configure specific user accounts within Active Directory to only be able to connect into certain internal resources/devices via some kind of firewall?
e.g. user1 would only be allowed to use RDP on computer1.internal.domain.com and shared drive on server1.internal.domain.com and wouldn't be able to see/scan any other devices
Thanks in advance