Remote desktop user permissions 2003 R2 Standard

Posted on 2011-10-20
Last Modified: 2012-05-12
Hello and thank you for taking the time out to read my question.
Your time is valued and expertise appreciated.

We have 2003 R2 Standard server.
There is a site to site VPN w/ another client of ours who needs to RDP to the server to use some of our management software to look up reports and such.

There is a scrip that maps drives and such to make the management application work.

I do not want these uses to have access to control panel or anything else other than the application and what the script says to do.

I tried to change their permission in AD by removeing Domain User and adding Guest. But when i try to remove Domain User i get an error message that tells me that i can not remove the primary user role.

The option to make gust the primary user is not enabled. This tells me that I'm going the wrong way about this.

 user role
Can someone please assist me and let me know what I need to do to make this happen.

Many thanks in advance.

Question by:loshdog
    LVL 23

    Expert Comment

    by:Stelian Stan
    I think you have to use Group Policy to achieve that.
    LVL 23

    Accepted Solution

    LVL 20

    Assisted Solution

    as well as trying group policy, you could also try configuring the rdp client to simply run the management app - this will only run the management app and wont give you a start menu etc
    LVL 3

    Assisted Solution

    If its the single application that is needed to be accessed; I simply put the application path in the environment of that user. It works as secured only application rdp connection.


    Author Closing Comment

    Thank you

    Featured Post

    Free Trending Threat Insights Every Day

    Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

    Join & Write a Comment

    Ransomware continues to be a growing problem for both personal and business users alike and Antivirus companies are still struggling to find a reliable way to protect you from this dangerous threat.
    This paper addresses the security of Sennheiser DECT Contact Center and Office (CC&O) headsets. It describes the DECT security chain comprised of “Pairing”, “Per Call Authentication” and “Encryption”, which are all part of the standard DECT protocol.
    This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
    This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …

    754 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    17 Experts available now in Live!

    Get 1:1 Help Now