I was trying to connect to our domain controller running W2K8 R2, I was unable to access it using an RDP console, it was ping-able on the network.
We connected into it on a console and thought that perhaps we needed to toggle the 'allow remote connections...', we immediately noticed that there were many users that had somehow been added in as being allowed remote access.
Any ideas as to how these users were somehow added into this and being granted remote access?
I was under the impression that they needed to be added in manually, is it possible that they somehow were added in automatically as part of a security group that has been granted remote access to this DC?
Any help on this would be greatly appreciated as I have never come across this before.
I dug in a little further and I am seeing this...
The users are all listed in a security group called "Remote Desktop Users" which is a "Security Group - Domain Local" domain local security group.
How is this group adding itself in like that? I thought that you had to manually add users in the "Select Remote Users" box under the 'Remote' tab in 'System Properties'.
Will rebooting the server remove them?
How can we prevent this from happening again?
Thank-you for taking the time to respond to this post, it is greatly appreciated.
Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.
If you migrate a Terminal Server licenses server inside the 2008 server family, you can takte advantage of the build-in migration tool. If you like to migrate an older 2003 Server (and the installed client CALs) to a 2008 R2 server for example, you …
Configuring network clients can be a chore, especially if there are a large number of them or a lot of itinerant users. DHCP dynamically manages this process, much to the relief of users and administrators alike!
This tutorial will walk an individual through locating and launching the BEUtility application to properly change the service account username and\or password in situation where it may be necessary or where the password has been inadvertently change…
This tutorial will show how to configure a new Backup Exec 2012 server and move an existing database to that server with the use of the BEUtility.
Install Backup Exec 2012 on the new server and apply all of the latest hotfixes and service packs. The…