Line One
asked on
Windows 7 RDS workstation - restrict to RDS only
I am looking for a means of locking down Windows 7 workstations in a 2008 R2 RDS environment so that the only thing users can do is run the RDP client on it. What should happen is that when anybody turns the computer on is that at the end of the boot process they find themselves looking at an RDP client 'enter your login name' prompt. The users should have no access to the local system - only an administrator would be able to access any of the local resources. How would I go about doing this?
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks for the additional info. Let me give it a try and get back to you.
ASKER
Having trouble freeing up time. I will close and when I get around to this and have any further questions will post then. Thanks.
ASKER
yo_bee:
Yo write:
"For testing you can also try using RD WEB.
if you have this bat file placed in the start up folder listed above this might give you one more layer of lockdown.
iexplore.exe -k "URL"
example iexplore.exe -k "https://InternalRDService/RDWEB"
**** Why would this be one extra layer of lockdown?
You might want to remove the ability for standard users from using Ctrl + Alt + Del as well
**** How? Group Policy?
++++
radhakrishnan2007:
You write:
Better suggestion would be ask the users to log off the machine once they finished as this is a default behavior for some security reasons. If the current user doesn't log off the current session and shutdown the machine, it will act as the machine is locked and will look for the latest authentication and it says locked and only admin privileged users can unlock it.
**** How would I implement this?