No announcement yet.

terminal server security

  • Filter
  • Time
  • Show
Clear All
new posts

  • terminal server security


    We have recently implement RDS role in Windows Server 2008 R2 64 Edition . Now when my users are logging using RDS , they are even able to save the files in the local c:\ on server , is it possible to restrict that.

    I just want them to save on their desktop , I mean in their profile only ...not in the server C: drive ..


  • #2
    Re: terminal server security

    How about restricting access to the drives via GPO:
    A recent poll suggests that 6 out of 7 dwarfs are not happy


    • #3
      Re: terminal server security

      yes. It's possible to do that.

      Since I know what your next question is going to be, please find following details and instructions on how to complete this task.

      Step 1: do plenty of google research about redirected profiles
      step 2: do plenty of google research about group policy.
      step 3: research and identify specific group policy options and group policy prefernces that meet your defined business requirements
      step 4: implement those requirements in a test group policy object.
      step 5: do plenty of google research on how to apply group policy objects to specific subsets of users.
      step 6: apply your newly created group policy object to a specific subset of users or objects to test the group policy works as expected and has no undesired effects
      step 7: do plenty of google research on how to apply group policy objects on a wider basis.
      step 8: implenent your group policy against all relevant users.
      step 9: document your solution so that (a) your colleagues know what has been done, and why, as well as why it works ; (b) so you know in future and can refer to it if necessary.

      I apologise for some of the earlier comments that appeared in this post.
      Last edited by tehcamel; 8th December 2014, 00:29.
      Please do show your appreciation to those who assist you by leaving Rep Point


      • #4
        Re: terminal server security

        Regrettably needed to do a minor edit to step 9, but otherwise concur completely with tehcamels post above
        Tom Jones
        MCT, MCSE (2000:Security & 2003), MCSA:Security & Messaging, MCDBA, MCDST, MCITP(EA, EMA, SA, EDA, ES, CS), MCTS, MCP, Sec+
        PhD, MSc, FIAP, MIITT
        IT Trainer / Consultant
        Ossian Ltd

        ** Remember to give credit where credit is due and leave reputation points where appropriate **