Terminal Server connect/disconnect issues

  • Thread starter Thread starter mcsejeff
  • Start date Start date
M

mcsejeff

Guest
Hi,
Client I am working for is trying to lock out all Remote desktop users from
connecting to TS from home for 1 week. Problem being, when I disable RDC in
Active Directory, it kills all of the Thin Clients trying to connect from
within the building. Server is Windows 2003 Standard. I also tried on
certain individual user accounts, to disable remote acccess on the "dial-in"
tab in AD users+groups, set it to deny access. They still had access.
Please Advise!! Thanks in advance for your help.



The problem is when I I am trying to do the following.
 
Re: Terminal Server connect/disconnect issues

Can you provide a little more info on how users connect from home? Are there
machine in the same domain/forest or do they tunnel in? Do you want users to
have access to the corporate network and just block their TS access?

--
This posting is provided "AS IS" with no warranties, and confers no rights.
"mcsejeff" <mcsejeff@discussions.microsoft.com> wrote in message
news:7EFC125B-4946-4D65-8400-823C1EDD7D93@microsoft.com...
> Hi,
> Client I am working for is trying to lock out all Remote desktop users
> from
> connecting to TS from home for 1 week. Problem being, when I disable RDC
> in
> Active Directory, it kills all of the Thin Clients trying to connect from
> within the building. Server is Windows 2003 Standard. I also tried on
> certain individual user accounts, to disable remote acccess on the
> "dial-in"
> tab in AD users+groups, set it to deny access. They still had access.
> Please Advise!! Thanks in advance for your help.
>
>
>
> The problem is when I I am trying to do the following.
 
Re: Terminal Server connect/disconnect issues


Yes, sorry about the lack of information. I am primarily concerned with
users having access to the Company's network from outside of the office. They
would connect primarily with RDConnection, to a TS to give them access to
their programs, docs, etc. When I disabled the RDC with AD, it killed all
of the users inside the building who use thin clients & connect through RD.
I'm just getting use to this network that I have been thrown into the "frying
pan", to try & fix. There is so many things wrong with the way it was
designed, I'm not sure which problem needs to be fixed first, so I'm fixing
them on the fly. Unfortunately, like today, when the DC starts logging people
off for no reason, the client reminded me that it costs them over $50,000/hr
for Network downtime. So there is a little bit of pressure to say the least.
Quick system rundown is like this.
Servers are running Win2K3 Server Stan. w/SP1 (1) DC, (1) Exchange Srvr,
(1) SQL Srvr 7.0, (1) Keytrix Server, (2) Term Serv. RAID-5 SCSI 10K x 21
disks, Quad Xeon 2.8 etc. etc.
Any help is much appreciated!!


"Munindra Das [MSFT]" wrote:

> Can you provide a little more info on how users connect from home? Are there
> machine in the same domain/forest or do they tunnel in? Do you want users to
> have access to the corporate network and just block their TS access?
>
> --
> This posting is provided "AS IS" with no warranties, and confers no rights.
> "mcsejeff" <mcsejeff@discussions.microsoft.com> wrote in message
> news:7EFC125B-4946-4D65-8400-823C1EDD7D93@microsoft.com...
> > Hi,
> > Client I am working for is trying to lock out all Remote desktop users
> > from
> > connecting to TS from home for 1 week. Problem being, when I disable RDC
> > in
> > Active Directory, it kills all of the Thin Clients trying to connect from
> > within the building. Server is Windows 2003 Standard. I also tried on
> > certain individual user accounts, to disable remote acccess on the
> > "dial-in"
> > tab in AD users+groups, set it to deny access. They still had access.
> > Please Advise!! Thanks in advance for your help.
> >
> >
> >
> > The problem is when I I am trying to do the following.
>
>
 
Re: Terminal Server connect/disconnect issues

If I understand your problem correctly, you want to restrict a group of TS
servers to be accessible to users in the domain but not to users who connect
to the network through VPN. Unfortunately the AD policies to allow/disallow
RDC does not differentiate connections coming through VPN or directly from
the network. The VPN or AD folks might have some tricks up their sleeves to
make this happen. You should contact the newgroups at
Microsoft.public.isa.vpn and
Microsoft.public.windows.server.active_directory.

--
This posting is provided "AS IS" with no warranties, and confers no rights.
"mcsejeff" <mcsejeff@discussions.microsoft.com> wrote in message
news:805941C8-2345-41E0-9DE6-C8E58207FB66@microsoft.com...
>
> Yes, sorry about the lack of information. I am primarily concerned with
> users having access to the Company's network from outside of the office.
> They
> would connect primarily with RDConnection, to a TS to give them access to
> their programs, docs, etc. When I disabled the RDC with AD, it killed
> all
> of the users inside the building who use thin clients & connect through
> RD.
> I'm just getting use to this network that I have been thrown into the
> "frying
> pan", to try & fix. There is so many things wrong with the way it was
> designed, I'm not sure which problem needs to be fixed first, so I'm
> fixing
> them on the fly. Unfortunately, like today, when the DC starts logging
> people
> off for no reason, the client reminded me that it costs them over
> $50,000/hr
> for Network downtime. So there is a little bit of pressure to say the
> least.
> Quick system rundown is like this.
> Servers are running Win2K3 Server Stan. w/SP1 (1) DC, (1) Exchange Srvr,
> (1) SQL Srvr 7.0, (1) Keytrix Server, (2) Term Serv. RAID-5 SCSI 10K x 21
> disks, Quad Xeon 2.8 etc. etc.
> Any help is much appreciated!!
>
>
> "Munindra Das [MSFT]" wrote:
>
>> Can you provide a little more info on how users connect from home? Are
>> there
>> machine in the same domain/forest or do they tunnel in? Do you want users
>> to
>> have access to the corporate network and just block their TS access?
>>
>> --
>> This posting is provided "AS IS" with no warranties, and confers no
>> rights.
>> "mcsejeff" <mcsejeff@discussions.microsoft.com> wrote in message
>> news:7EFC125B-4946-4D65-8400-823C1EDD7D93@microsoft.com...
>> > Hi,
>> > Client I am working for is trying to lock out all Remote desktop users
>> > from
>> > connecting to TS from home for 1 week. Problem being, when I disable
>> > RDC
>> > in
>> > Active Directory, it kills all of the Thin Clients trying to connect
>> > from
>> > within the building. Server is Windows 2003 Standard. I also tried on
>> > certain individual user accounts, to disable remote acccess on the
>> > "dial-in"
>> > tab in AD users+groups, set it to deny access. They still had access.
>> > Please Advise!! Thanks in advance for your help.
>> >
>> >
>> >
>> > The problem is when I I am trying to do the following.
>>
>>
 
Back
Top