Solved

using windows remoteapp without exposing remote desktop admin screen

Posted on 2014-11-03
3
262 Views
Last Modified: 2014-11-24
Hello,

I have a remoteapp server using server 2008 R2 that is running fine.  However if you use remote desktops and go to the IP address the windows server login page will display.  How can I run remoteapp without having the server login page of the server being exposed to the outside world?

Thank you
0
Comment
Question by:danskoit
  • 2
3 Comments
 
LVL 57

Expert Comment

by:Cliff Galiher
ID: 40420079
No way to do this. Because remoteapp is built upon RDP, enabling one inherently enables the other. Microsoft has not defined any security policies to filter connections and allow one and prevent the other.
0
 
LVL 15

Accepted Solution

by:
ZabagaR earned 500 total points
ID: 40425059
What I did to help remedy that problem is this:

I put a shortcut to logoff.exe (c:\windows\system32\logoff.exe) in the all users startup folder (C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup)

You have to unhide c:\ProgramData\ - it's hidden by default. Change it in Organize -> Folder & Search -> View.

Then I set the NTFS security on the logoff shortcut so only my group of remote app users could run it (i.e. so admins like myself wouldn't get logged off at log in).

When you use RemoteApp, that \StartUp\ folder where you dropped the logoff shortcut/link isn't processed. So RemoteApp users will be unaffected. Only people logging on with standard RDP session will get logged off

And this will only run logoff.exe for those person(s) or group(s) you set on the security tab of the logoff shortcut.
0
 
LVL 57

Expert Comment

by:Cliff Galiher
ID: 40425078
I'm curious why y'all want to do this. RemoteApp isn't a security boundary and can never effectively be used as one. It is a user interface convenience (and a good one) so I'm not sure what attempting to block traditional RDP accomplishes?
0

Featured Post

VMware Disaster Recovery and Data Protection

In this expert guide, you’ll learn about the components of a Modern Data Center. You will use cases for the value-added capabilities of Veeam®, including combining backup and replication for VMware disaster recovery and using replication for data center migration.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Scenario:  You do full backups to a internal hard drive in either product (SBS or Server 2008).  All goes well for a very long time.  One day, backups begin to fail with a message that the disk is full.  Your disk contains many, many more backups th…
Sometimes drives fill up and we don't know why.  If you don't understand the best way to use the tools available, you may end up being stumped as to why your drive says it's not full when you have no space left!  Here's how you can find out...
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …

785 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question