NS Baumsteiger
asked on
Concurrent Remote Desktop Sessions for Specific Users
I have a terminal server that specific users need to be able to access in concurrent sessions.
NOT ALL USERS should be allowed concurrent sessions.
The below GPO is being applied to specific users in the SECURITY FILTERING for the GPO. When the computer is listed in SECURITY FILTERING, the GPO overrrides the specific users listed and applies all settings. If the computer is not included, the GPO does not apply for any users.
Here are the details for the GPO that I created:
Administrative Templates
Policy definitions (ADMX files) retrieved from the local machine.System/Group Policy
Policy Setting Comment
User Group Policy loopback processing mode Enabled
Mode: Merge
Windows Components/Remote Desktop Services/Remote Desktop Session Host/Connections
Policy Setting Comment
Restrict Remote Desktop Services users to a single Remote Desktop Services session Enabled
Windows Components/Remote Desktop Services/Remote Desktop Session Host/Remote Session Environment
Policy Setting Comment
Remove "Disconnect" option from Shut Down dialog Enabled
NOT ALL USERS should be allowed concurrent sessions.
The below GPO is being applied to specific users in the SECURITY FILTERING for the GPO. When the computer is listed in SECURITY FILTERING, the GPO overrrides the specific users listed and applies all settings. If the computer is not included, the GPO does not apply for any users.
Here are the details for the GPO that I created:
Administrative Templates
Policy definitions (ADMX files) retrieved from the local machine.System/Group Policy
Policy Setting Comment
User Group Policy loopback processing mode Enabled
Mode: Merge
Windows Components/Remote Desktop Services/Remote Desktop Session Host/Connections
Policy Setting Comment
Restrict Remote Desktop Services users to a single Remote Desktop Services session Enabled
Windows Components/Remote Desktop Services/Remote Desktop Session Host/Remote Session Environment
Policy Setting Comment
Remove "Disconnect" option from Shut Down dialog Enabled
ASKER
Coralon,
Thank you. Since this only one machine, I'm gathering from your comment that I'm pretty much SOL on configuring it to allow standard users a single session and administrators multiple sessions.
The reasoning is that the client has legacy software that needs to run, but Server 2008 UAC prompts for permissions when the software is run. In order to get around this, I've created a REMOTEAPP for the software and have saved the Administrator credentials in the RDP file that is created. Users can now run the software without UAC prompting, but this also allows multiple user sessions for standard users, which can be a problem (because these users are all novice to how terminal services operate).
Thank you. Since this only one machine, I'm gathering from your comment that I'm pretty much SOL on configuring it to allow standard users a single session and administrators multiple sessions.
The reasoning is that the client has legacy software that needs to run, but Server 2008 UAC prompts for permissions when the software is run. In order to get around this, I've created a REMOTEAPP for the software and have saved the Administrator credentials in the RDP file that is created. Users can now run the software without UAC prompting, but this also allows multiple user sessions for standard users, which can be a problem (because these users are all novice to how terminal services operate).
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Assisting member stopped following-up on issue.
Resolution was found in Microsoft Press Manual 70-643
Resolution was found in Microsoft Press Manual 70-643
To accomplish what you want, you'd need to break up your machines into 2 groups, and apply 2 different policies, and put the apps out for the different groups.
Coralon