[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 589
  • Last Modified:

server 2008 r2 remote desktop users

I have got to audit a server for local group memberships, one thing that stood out was the default "remote users group" had no members? In this case how can admins use mstsc.exe to remote onto the server? Can this type of access be controlled by other means?
0
pma111
Asked:
pma111
1 Solution
 
Boyd (HiTechCoach) Trimmell, Microsoft Access MVPCommented:
What mode is the server running Terminal Services?

 If in administration mode then users in the administrator group  already have remote access privileges. Only members of the administrator group can log on remotely.

If you are running in application mode then you  would assign standard users to "remote users group"  to allow remote log on.
0
 
pma111Author Commented:
I assume the top option from what you have said but I will check.
0
 
McKnifeCommented:
The mode is not responsible for that behavior.
Please check the following policy: http://technet.microsoft.com/en-us/library/cc758613(v=ws.10).aspx
Allow log on through Terminal Services


Description


This security setting determines which users or groups have permission to log on as a Terminal Services client.

Default:
• On workstation and servers: Administrators, Remote Desktop Users.


• On domain controllers: Administrators.

That's why.
0

Featured Post

New Tabletop Appliances Blow Competitors Away!

WatchGuard’s new T15, T35 and T55 tabletop UTMs provide the highest-performing security inspection in their class, allowing users at small offices, home offices and distributed enterprises to experience blazing-fast Internet speeds without sacrificing enterprise-grade security.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now