TS 2003 desktop access

Status
Not open for further replies.

bentley45

MIS
Jul 15, 2004
120
US
I must be in the minority, because I DO NOT want my users to be able to get to the actual desktop of my Terminal Server 2003. I have created an RDP shortcut that automatically opens the application they need. However, I want to prevent them from changing the properties of this shortcut and logging onto the actual desktop.

I have a TS2000 server and I realize that you can 'lock' the desktop down so that they cannot 'do' anything, but is there any way to prevent the desktop from appearing at all?
Thanks!
 
From within Active Directory, for each user you can specify which application opens when they log in to your Terminal Server. Follow these steps on the Windows 2003 (or 2000 Terminal Server) server, logged in with domain administrative privileges:

1. Click 'Start' | 'Control Panel' | 'Administrative Tools' | 'Active Directory Users and Computers'

2. Navigate to the user's name that you want to edit, right click and choose 'Properties'

3. On the "Environment" tab, enter the program path and start-in directory (the root path of the executable that you're launching) and your users will not be able to override this by editing a shortcut.
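
The Environment tab setting described in the steps above can also be read and written from a script, which makes it possible to check a whole OU for accounts that would still land on the full desktop. This is an added example, not part of the original post: it assumes PowerShell on a domain-joined Windows server where the Terminal Services ADSI extension (`IADsTSUserEx`) is available, and the OU path, user DN, program path and start-in directory are placeholders.

```powershell
# Added example: audit and set the per-user "starting program" (Environment tab).
# Assumed placeholders, not from the thread: OU path, program path, start-in directory.
$OuPath      = 'LDAP://OU=TSUsers,DC=example,DC=com'
$ProgramPath = 'C:\Apps\Example\app.exe'
$StartIn     = 'C:\Apps\Example'

function Get-TsInitialProgram {
    # Lists every user under $SearchRoot with the program that starts at logon.
    param([string]$SearchRoot)
    $searcher = New-Object System.DirectoryServices.DirectorySearcher([ADSI]$SearchRoot)
    $searcher.Filter   = '(&(objectCategory=person)(objectClass=user))'
    $searcher.PageSize = 500
    foreach ($result in $searcher.FindAll()) {
        $user = $result.GetDirectoryEntry()
        $program = $null
        $workDir = $null
        try {
            # Properties exposed by the Terminal Services ADSI extension.
            $program = $user.psbase.InvokeGet('TerminalServicesInitialProgram')
            $workDir = $user.psbase.InvokeGet('TerminalServicesWorkDirectory')
        } catch {
            # The value was never set for this account; treat it as empty.
        }
        [pscustomobject]@{
            User           = [string]$user.Properties['sAMAccountName'].Value
            InitialProgram = $program
            StartIn        = $workDir
            FullDesktop    = [string]::IsNullOrEmpty($program)
        }
    }
}

function Set-TsInitialProgram {
    # Writes the same two fields the Environment tab edits, for one user DN.
    param([string]$UserDn, [string]$Program, [string]$WorkDirectory)
    $user = [ADSI]"LDAP://$UserDn"
    $user.psbase.InvokeSet('TerminalServicesInitialProgram', $Program)
    $user.psbase.InvokeSet('TerminalServicesWorkDirectory', $WorkDirectory)
    $user.psbase.CommitChanges()
}

# Report accounts with no starting program, i.e. those that get the desktop.
Get-TsInitialProgram -SearchRoot $OuPath | Where-Object { $_.FullDesktop }

# Fix one account (hypothetical DN):
# Set-TsInitialProgram -UserDn 'CN=Jane Doe,OU=TSUsers,DC=example,DC=com' -Program $ProgramPath -WorkDirectory $StartIn
```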
 
Ok, as usual, nothing is simple, so now I find out that I must give the user access to 3 applications. All reside in the same subfolder, so is there still a way to use the environment tab and give them access to all 3?
 
A quick question Bentley, why not just lock down the desktop to kingdom come?

I've used what MB has suggested, although I used group policy to push it, but for multiple applications I think it may be time to give them desktop access and nothing else. Use group policy to lock them out of everything (IE, desktop controls, Task Manager controls, help files, etc.).

Or, another alternative (setting up several policies to launch multiple apps just doesn't strike me as the right thing to do) is to create multiple user accounts for this, one associated with each application and give them an RDP icon for each application, each icon associated with a different username.
 