Killersmits
asked on
Problems with controlling Windows 2008 Terminal Services(Remote Desktop) User icons - User applications
Hi,
I have Installed Remote Desktop Services on Windows 2008 Domain Controller (Stnd) and I'm unable to control access to user icons and applications with security using Remote App Manager. It still displays icons on users desktops and in the programs menu. The user cannot execute the applications, but they are still visable.
How can I prevent the users from, seeing the icons and programs options. I have done what the common FAQ's about the subject suggest, but they are still there.
I want to stop the users being able to see icons such as administration tools and control other icons and apps on the desktop and program menu.
Any help appreciated.
I have Installed Remote Desktop Services on Windows 2008 Domain Controller (Stnd) and I'm unable to control access to user icons and applications with security using Remote App Manager. It still displays icons on users desktops and in the programs menu. The user cannot execute the applications, but they are still visable.
How can I prevent the users from, seeing the icons and programs options. I have done what the common FAQ's about the subject suggest, but they are still there.
I want to stop the users being able to see icons such as administration tools and control other icons and apps on the desktop and program menu.
Any help appreciated.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Thanks Doc! :-)
RemoteApp Manager controls what is visible using RD Web, and allows you to publish applications to a users own desktop environment. It doesn't affect what users see when logging into the desktop environment of the RD Session host. That said, I agree with the others and leave things alone, especially since this is a domain controller and not a dedicated member server that you can blow up.
I didn't notice that this was a DC. Doing any of this on a DC is just insane to me. A Terminal Server is basically just a glorified Workstation for the users. Turning the Domain Controller into a glorified workstation is just totally unacceptable. I'll have no more to do with this one.
Honestly, unless it is a Small Business Server, you should not enable TS access to non-Administrator users on a DC. Better solution is to deploy a new server specifically for TS functionality.
DrUltima
DrUltima
ASKER
Thanks for the feedback everyone.
Regarding Domain controllers, this is what we have, what we want to do in the short term. Which boxes should I have as a DC, GC etc??
1. 2003 Server standard with Exchange 2003. This is our mail server and runs a program used for tracking patients and appointments etc. It also acts as a print server.
2. 2008 Server R2. This is a file server and runs a couple of databases. This is the newer server, and has heaps of RAM, hard drive space/redundency, and CPU power. This is the one I am trying to get TS setup on.
3. We have another 2008 Server R2, which we have installed Exchange 2008 on, in readiness to move our mail to when we get time.
So which ones you you suggest we have as DC, GC, and to hold FSMO roles?
Regarding Domain controllers, this is what we have, what we want to do in the short term. Which boxes should I have as a DC, GC etc??
1. 2003 Server standard with Exchange 2003. This is our mail server and runs a program used for tracking patients and appointments etc. It also acts as a print server.
2. 2008 Server R2. This is a file server and runs a couple of databases. This is the newer server, and has heaps of RAM, hard drive space/redundency, and CPU power. This is the one I am trying to get TS setup on.
3. We have another 2008 Server R2, which we have installed Exchange 2008 on, in readiness to move our mail to when we get time.
So which ones you you suggest we have as DC, GC, and to hold FSMO roles?
your last comment leaves the scope of your initial question i think. You do need sbdy. to help you in fundamental ad- and server-design :-O
you should come back to your initial question - or open a new Q i think.
Ove
you should come back to your initial question - or open a new Q i think.
Ove
Whatever machine you can come up with that you can dedicate to only that purpose. It does not have to be extremely powerful. DCs are low CPU and low memory usage,...but they do have to be dependable and having a hot swappable RAID drives is very important. There should always be two DCs,...if you have only one then you have to be extremely diligent about making good solid Full System State Backups that you can do a Full Restore from in the even of a failure. I would make backups once a week, I wouldn't stretch it any longer than that.
DCs are fine to run other infrastructure services on. They will already have DNS, but you can add DHCP and WINS with no problem at all.
As Ove said, to go any further into that subject you may want to start a new topic.
DCs are fine to run other infrastructure services on. They will already have DNS, but you can add DHCP and WINS with no problem at all.
As Ove said, to go any further into that subject you may want to start a new topic.
ASKER
Thanks for your help guys. I will do as suggested and not try to outsmart the system. But after your comments on DC and Term services being one and the same, Im rethinking the server roles in the long run, and I will probably change things in the long run.
Ok.
Good luck with everything
Good luck with everything
DrUltima