Announcement

Collapse
No announcement yet.

Cutting off inactive RDP sessions

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Cutting off inactive RDP sessions

    Hi Guys,
    Im looking at a GP to cut off idle RDP users. About the 3 hour mark. Now it needs not to effect the citrix boxes (im assuming meaning the sessions on the citrix boxes) I am looking at the below, This would this effect the users Citrix sessions and will this do what i need?

    Local Computer Policy ->computer config-> Administrative Templates -> Windows Components -> Terminal Services -> Sessions

    Enable 'Sets a time limit for active but idle Terminal Services sesssions' and choose your limit
    Last edited by MartinaGreenhill; 22nd October 2010, 14:22.

  • #2
    Re: Cutting off inactive RDP sessions

    You could also set it on individual TS boxes using the configuration manager -- I have no idea if this is a feasible option or if you have too many terminal servers
    Tom Jones
    MCT, MCSE (2000:Security & 2003), MCSA:Security & Messaging, MCDBA, MCDST, MCITP(EA, EMA, SA, EDA, ES, CS), MCTS, MCP, Sec+
    PhD, MSc, FIAP, MIITT
    IT Trainer / Consultant
    Ossian Ltd
    Scotland

    ** Remember to give credit where credit is due and leave reputation points where appropriate **

    Comment


    • #3
      Re: Cutting off inactive RDP sessions

      Basically users RDP onto several servers so i would rather do it as a GP as long as it doesnt effect the citrix service users.

      Comment


      • #4
        Re: Cutting off inactive RDP sessions

        Citrix sessions "ride" on RDP so it will affect your Citrix users.

        Comment


        • #5
          Re: Cutting off inactive RDP sessions

          Ah thats an issue then. Anyone know of a way without having the citrix boxes in another OU?

          Comment


          • #6
            Re: Cutting off inactive RDP sessions

            You could try using Security Filtering to exlude the GPO from being applied to the Citrix servers. Create a domain group called RDP Servers (or whatever), add the TS servers to the group, and add that group to the Security Filtering of the GPO, making sure to remove Authenticated Users from the Security Filtering. My suggestion would be to create a unique GPO for this, enable only the settings that are needed, and link it to the servers OU.

            Comment

            Working...
            X