RDP sessions need to be locked down to certain users

So I inherited a terminal server and thought it was locked down. I saw the policy and it was only showing the groups that I want security filtering applied to. The issue is that it only applies to them and no one else. I want to block all other access to that terminal server unless you part of those groups. How do I block everyone else?
lgalan01Asked:
Who is Participating?

[Webinar] Streamline your web hosting managementRegister Today

x
 
lgalan01Connect With a Mentor Author Commented:
Found the answer here:
http://www.it-book.co.uk/766/create-a-%E2%80%9Clockdown%E2%80%9D-gpo-for-a-terminal-or-citrix-server-3

Section:
Optional � I also like to set a “deny” permission to make sure that this GPO doesn’t apply to administrators (i.e. so you have full access to the server).
0
 
lgalan01Author Commented:
I have added the groups to the local group "Remote Desktop Users" but still users who aren't in those groups can connect to the server. They also are able to access the server without any of the GPO restrictions. I hope that clarifies it more for you guys.
0
 
Sean JacksonInformation Security AnalystCommented:
I believe you can set this as a Group Policy in Active Directory.  Your Domain Admins likely have access.  Check those.
0
 
lgalan01Author Commented:
So far I have add authenticated users to the "security filtering" and now Administrator has all GPO restrictions when they log into the server. I need to know how do I block everyone except helpdesk, administrator and two security groups.
0
 
lgalan01Author Commented:
It allowed my to assign a group to that the GPO doesn't apply to.
0
All Courses

From novice to tech pro — start learning today.