using windows remoteapp without exposing remote desktop admin screen

Hello,

I have a remoteapp server using server 2008 R2 that is running fine.  However if you use remote desktops and go to the IP address the windows server login page will display.  How can I run remoteapp without having the server login page of the server being exposed to the outside world?

Thank you
LVL 1
Tim LewisNetwork ManagerAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Cliff GaliherCommented:
No way to do this. Because remoteapp is built upon RDP, enabling one inherently enables the other. Microsoft has not defined any security policies to filter connections and allow one and prevent the other.
ZabagaRCommented:
What I did to help remedy that problem is this:

I put a shortcut to logoff.exe (c:\windows\system32\logoff.exe) in the all users startup folder (C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup)

You have to unhide c:\ProgramData\ - it's hidden by default. Change it in Organize -> Folder & Search -> View.

Then I set the NTFS security on the logoff shortcut so only my group of remote app users could run it (i.e. so admins like myself wouldn't get logged off at log in).

When you use RemoteApp, that \StartUp\ folder where you dropped the logoff shortcut/link isn't processed. So RemoteApp users will be unaffected. Only people logging on with standard RDP session will get logged off

And this will only run logoff.exe for those person(s) or group(s) you set on the security tab of the logoff shortcut.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Cliff GaliherCommented:
I'm curious why y'all want to do this. RemoteApp isn't a security boundary and can never effectively be used as one. It is a user interface convenience (and a good one) so I'm not sure what attempting to block traditional RDP accomplishes?
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows Server 2008

From novice to tech pro — start learning today.