Announcement

Collapse
No announcement yet.

How to block user from TS access from outside office

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • How to block user from TS access from outside office

    Hi.

    A company want to block access for a specific user, so he cannot be able to log on to the TS from his home. They want him to be at the office to be able to log on.

    How to do that?

    The SBS 2008 is an TS Gateway, and a Server 2008 R2 is the TS.

    Best regards Steffen

  • #2
    Re: How to block user from TS access from outside office

    Hi,

    You can enable NAP...

    http://technet.microsoft.com/en-us/l...72(WS.10).aspx
    Best Regards,

    Yuval Sinay

    LinkedIn: https://www.linkedin.com/in/yuval14, Blog: http://blogs.microsoft.co.il/blogs/yuval14

    Comment


    • #3
      Re: How to block user from TS access from outside office

      Here's how we do it, it's admittedly crude but it works:

      We use a login script to check the connecting computer's name and if it doesn't match a list of approved computer names we don't allow the connection. We do a username check for approved users to allow specific users to bypass the computer check. You could do this for all of your users except the user in question and perform a check for this user's office computer name. Here's our script:

      IF %USERNAME% == janedoe GOTO OK
      IF %CLIENTNAME% == mycomputer GOTO OK


      msg * You are not authorized to login from this location. You will be logged off in 10 seconds. Please contact your administrator.

      sleep 10

      LOGOFF
      :OK
      EXIT


      Simply add as many lines as you need for each computer or user you want this to apply to or you want to bypass the check.

      Comment


      • #4
        Re: How to block user from TS access from outside office

        Hello.

        I figured out how to do this.

        I created an Security Group and added all users except the one that should not have access from WAN.

        I then edited the General TS CAP by removing Domain Users group and instead add the newly created Security Group.

        Regards Steffen

        Comment

        Working...
        X