Solved

using windows remoteapp without exposing remote desktop admin screen

Posted on 2014-11-03
3
295 Views
Last Modified: 2014-11-24
Hello,

I have a remoteapp server using server 2008 R2 that is running fine.  However if you use remote desktops and go to the IP address the windows server login page will display.  How can I run remoteapp without having the server login page of the server being exposed to the outside world?

Thank you
0
Comment
Question by:Tim Lewis
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 58

Expert Comment

by:Cliff Galiher
ID: 40420079
No way to do this. Because remoteapp is built upon RDP, enabling one inherently enables the other. Microsoft has not defined any security policies to filter connections and allow one and prevent the other.
0
 
LVL 15

Accepted Solution

by:
ZabagaR earned 500 total points
ID: 40425059
What I did to help remedy that problem is this:

I put a shortcut to logoff.exe (c:\windows\system32\logoff.exe) in the all users startup folder (C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup)

You have to unhide c:\ProgramData\ - it's hidden by default. Change it in Organize -> Folder & Search -> View.

Then I set the NTFS security on the logoff shortcut so only my group of remote app users could run it (i.e. so admins like myself wouldn't get logged off at log in).

When you use RemoteApp, that \StartUp\ folder where you dropped the logoff shortcut/link isn't processed. So RemoteApp users will be unaffected. Only people logging on with standard RDP session will get logged off

And this will only run logoff.exe for those person(s) or group(s) you set on the security tab of the logoff shortcut.
0
 
LVL 58

Expert Comment

by:Cliff Galiher
ID: 40425078
I'm curious why y'all want to do this. RemoteApp isn't a security boundary and can never effectively be used as one. It is a user interface convenience (and a good one) so I'm not sure what attempting to block traditional RDP accomplishes?
0

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article explains how to install and use the NTBackup utility that comes with Windows Server.
Resolving an irritating Remote Desktop connection that stops your saved credentials from being used.
This tutorial will give a an overview on how to deploy remote agents in Backup Exec 2012 to new servers. Click on the Backup Exec button in the upper left corner. From here, are global settings for the application such as connecting to a remote Back…
This tutorial will walk an individual through locating and launching the BEUtility application and how to execute it on the appropriate database. Log onto the server running the Backup Exec database. In a larger environment, this would generally be …
Suggested Courses

632 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question