Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations TouchToneTommy on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Terminal Service Admin or App mode?

Status
Not open for further replies.
bash3r

bash3r

Technical User
Oct 13, 2001
46
US
I have a W2K server that I need 1 user to connect to, to check email and run a few local apps. My questions is whether I should just set up terminal service in remote admin mode for this one user or setup application mode which I understand is much more involved.

IF I setup remote admin mode can I setup this user so they don't accidently shutdown the server or run any administration programs?? I only want them to be able to open MS Office 2000 and browse the network as if they were a local user.

Any suggestions would be great. Thanks
 
Sort by date Sort by votes
app mode would be the proper way, but if you want to save money on that, you can set through policies that users, or that specic user is allowed to log on to the local console (normal users are not allowed to log on to the server console, nor to the terminal server in remote administration mode) and through the same policies you can set who is allowed to shutdown the system. you will have to be very carefull since the user has access then to the local drive, with all the risks.... is this also the file server ???
 
Upvote 0 Downvote
Ok, here's what I did. I created a new OU and put the user in this OU. Then assigned a new Group Policy for this OU and only gave the users logon permissions, hid all local drives, locked desktop. It works good in remote admin mode and it didnt cost me any more.
 
Upvote 0 Downvote
However, aply also notssid.inf incremental template. Otherwise your TS users will not be differentiated at all in the NTFS permissions onthe TS server.

Gia Betiu
gia@almondeyes.net
Computer Eng. CNE 4, CNE 5, MCSE Win2K
new: (just started)
 
Upvote 0 Downvote
I'd do make this minor change. I prefer to put the server in the OU and apply the GP user settings to the server in loopback mode. Not that it really matters in your scenario since it is for a single user, but that's just my standard practice.

Also, depending on the user's OS running in application mode may not cost you anymore. Windows 2000 and XP professional can connect to a Windows 2000 Application server without the need of purchasing licensing. You will however need to activate a TS licensing server on your network if you run the server in App mode regardless of the user's OS.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Aquiles Vidal
  • Locked
  • Question
Web Browsers in Windows Server or Terminal Server
Replies
0
Views
731
Aquiles Vidal
Aquiles Vidal
MattM1975
  • Locked
  • Question
Domain Admin Logon 1
Replies
2
Views
388
ADB100
ADB100
goombawaho
  • Locked
  • Question
Microsoft Azure Active Directory - Backup Admin Account 1
Replies
2
Views
967
goombawaho
goombawaho
ADB100
  • Locked
  • Question
Single Windows 7 Ultimate workstation not applying Registry, Drive Map or Printers GPO settings
Replies
1
Views
446
technome
technome
DrB0b
  • Locked
  • Question
Terminal Server issues doing anything network related after RDPing into
Replies
3
Views
359
DrB0b
DrB0b

Part and Inventory Search

Sponsor

Back
Top