Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

using windows remoteapp without exposing remote desktop admin screen

Posted on 2014-11-03
3
Medium Priority
?
329 Views
Last Modified: 2014-11-24
Hello,

I have a remoteapp server using server 2008 R2 that is running fine.  However if you use remote desktops and go to the IP address the windows server login page will display.  How can I run remoteapp without having the server login page of the server being exposed to the outside world?

Thank you
0
Comment
Question by:Tim Lewis
  • 2
3 Comments
 
LVL 60

Expert Comment

by:Cliff Galiher
ID: 40420079
No way to do this. Because remoteapp is built upon RDP, enabling one inherently enables the other. Microsoft has not defined any security policies to filter connections and allow one and prevent the other.
0
 
LVL 15

Accepted Solution

by:
ZabagaR earned 2000 total points
ID: 40425059
What I did to help remedy that problem is this:

I put a shortcut to logoff.exe (c:\windows\system32\logoff.exe) in the all users startup folder (C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup)

You have to unhide c:\ProgramData\ - it's hidden by default. Change it in Organize -> Folder & Search -> View.

Then I set the NTFS security on the logoff shortcut so only my group of remote app users could run it (i.e. so admins like myself wouldn't get logged off at log in).

When you use RemoteApp, that \StartUp\ folder where you dropped the logoff shortcut/link isn't processed. So RemoteApp users will be unaffected. Only people logging on with standard RDP session will get logged off

And this will only run logoff.exe for those person(s) or group(s) you set on the security tab of the logoff shortcut.
0
 
LVL 60

Expert Comment

by:Cliff Galiher
ID: 40425078
I'm curious why y'all want to do this. RemoteApp isn't a security boundary and can never effectively be used as one. It is a user interface convenience (and a good one) so I'm not sure what attempting to block traditional RDP accomplishes?
0

Featured Post

Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Background Information Recently I have fixed file server permission issues for one of my client. The client has 1800 users and one Windows Server 2008 R2 domain joined file server with 12 TB of data, 250+ shared folders and the folder structure i…
Like many organizations, your foray into cloud computing may have started with an ancillary or security service, like email spam and virus protection. For some, the first or second step into the cloud was moving email off-premise. For others, a clou…
This tutorial will show how to push an installation of Backup Exec to an additional server in both 2012 and 2014 versions of the software. Click on the Backup Exec button in the upper left corner. From here, select Installation and Licensing, then I…
This tutorial will walk an individual through configuring a drive on a Windows Server 2008 to perform shadow copies in order to quickly recover deleted files and folders. Click on Start and then select Computer to view the available drives on the se…

927 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question