Terminal Server 2008 Lockdown

I have users logging into the termianl server, which is also my domain server, I need to know how to hide everything but the programs on the desktop for all users but the administrator
jdsdesktop1Asked:
Who is Participating?
 
Brian BEE Topic Advisor, Independant Technology ProfessionalCommented:
Using your DC as a terminal server is a risky prospect because of the potential damage someone could inflict if you don't get security perfect. Not only that, they could seriously bog down your entire network if somebody does something that take up a lot of processor cycles. Is there another option?

If not, depending on your windows version, microsoft licensing permits you to install another copy of your windows server software as a virtual machine. Maybe that would be easier to manage.
0
 
jdsdesktop1Author Commented:
I have been using this solutions for 10 Years, however i was using 2000 server, which i just upgraded from, It worked great, but i was using a menu program which only allowed the users to use the programs published, they could not access anything else, Do you know of such a solution
0
 
Brian BEE Topic Advisor, Independant Technology ProfessionalCommented:
With 2008 your best bet is usually to use group policy. Here is some more info to go over. Just be careful and understand what these changes might do. You could accidentally lock yourself out of the domain controller. The trick is to make sure the policy applies only to the remote desktop users.
http://www.experts-exchange.com/OS/Microsoft_Operating_Systems/Server/Remote_Desktop-Terminal_Services/Q_23046909.html
http://social.technet.microsoft.com/Forums/en-US/windowsserver2008r2rds/thread/cbe20ca5-9ab6-4daf-a8c7-2055d0a4ca6f/
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.