Restrict Server to Console Mode ONLY

  • Thread starter Thread starter CyberQuad
  • Start date Start date
C

CyberQuad

Guest
Can a single Windows Server 2003 server (Computer A) be configured to allow
ONLY the /console type of connection from a workstation (Computer B)?

We have a requirement so that only a single connection can connect at a time
(which we can control), but it MUST be a "Console" mode connection (session
0) and we do not want to have to change anything on the client workstations.

We have many admins that connect to many servers and want to ensure that if
any connect to Computer A they will always be forced into a "Console" mode
connection (session 0), rather than a normal RDP session (session 1 or
higher).

Can this be accomplished and what do I need to change on the server to do so?
 
Re: Restrict Server to Console Mode ONLY

Hi,

KB 290720 should help!

cheers
Ismail
 
Re: Restrict Server to Console Mode ONLY

Hi,

If you open up Terminal Services Configuration (tscc.msc)
and remove Administrators from the Permissions tab of
RDP-Tcp Properties then your admins will get an error
if they attempt a non-console RDP connection.

This assumes default Permissions and that you have not
made your admins a member of the Remote Desktop
Users group.

-TP

CyberQuad wrote:
> Can a single Windows Server 2003 server (Computer A) be configured to
> allow ONLY the /console type of connection from a workstation
> (Computer B)?
>
> We have a requirement so that only a single connection can connect at
> a time (which we can control), but it MUST be a "Console" mode
> connection (session 0) and we do not want to have to change anything
> on the client workstations.
>
> We have many admins that connect to many servers and want to ensure
> that if any connect to Computer A they will always be forced into a
> "Console" mode connection (session 0), rather than a normal RDP
> session (session 1 or higher).
>
> Can this be accomplished and what do I need to change on the server
> to do so?
 
Re: Restrict Server to Console Mode ONLY

Please keep in mind that there is a potential multiple admins (with
different user account) try to connect to console at the same time, if this
happen, the existing admin user who gets the console session will be logged
off by the next admin.
Thanks
Soo Kuan



--
This posting is provided "AS IS" with no warranties, and confers no rights.

"CyberQuad" <CyberQuad@discussions.microsoft.com> wrote in message
news:60C968B9-838A-4111-ABB2-57E6A4FDCF83@microsoft.com...
> Can a single Windows Server 2003 server (Computer A) be configured to
> allow
> ONLY the /console type of connection from a workstation (Computer B)?
>
> We have a requirement so that only a single connection can connect at a
> time
> (which we can control), but it MUST be a "Console" mode connection
> (session
> 0) and we do not want to have to change anything on the client
> workstations.
>
> We have many admins that connect to many servers and want to ensure that
> if
> any connect to Computer A they will always be forced into a "Console" mode
> connection (session 0), rather than a normal RDP session (session 1 or
> higher).
>
> Can this be accomplished and what do I need to change on the server to do
> so?
 
Re: Restrict Server to Console Mode ONLY

That is a good point.

This behavior can be controlled with the "Deny log off of an
administrator logged in to the console session" group policy
setting.

-TP

Soo Kuan Teo [MSFT] wrote:
> Please keep in mind that there is a potential multiple admins (with
> different user account) try to connect to console at the same time,
> if this happen, the existing admin user who gets the console session
> will be logged off by the next admin.
> Thanks
> Soo Kuan
 
Re: Restrict Server to Console Mode ONLY

Good catch! This GP also changes the behavior, if an admin forgot to logoff,
other admin may not be able to login to console, its just something to think
about.
Thanks
Soo Kuan



--
This posting is provided "AS IS" with no warranties, and confers no rights.

"TP" <tperson.knowspamn@mailandnews.com> wrote in message
news:u0PPArHFIHA.280@TK2MSFTNGP03.phx.gbl...
> That is a good point.
>
> This behavior can be controlled with the "Deny log off of an administrator
> logged in to the console session" group policy setting.
>
> -TP
>
> Soo Kuan Teo [MSFT] wrote:
>> Please keep in mind that there is a potential multiple admins (with
>> different user account) try to connect to console at the same time,
>> if this happen, the existing admin user who gets the console session
>> will be logged off by the next admin.
>> Thanks
>> Soo Kuan
 

Similar threads

B
Here is Practical Explanation about Next Life, Purpose of Human Life, philosophical/religious facts, theories etc.
Replies
0
Views
62
Bhuta-Bhavya-Bhavat-Prabh
B
N
Kernel-mode and user-mode caching
Replies
0
Views
281
Nedim
N
M
Have a video game console? This $48 device on Amazon makes it feel so much faster
Replies
0
Views
108
Maren Estrada
M
C
These awesome new Google Maps driving mode features are coming soon
Replies
0
Views
97
Chris Smith
C
M
Did someone make a mistake? There’s no way this soundbar should only cost $49.99
Replies
0
Views
60
Maren Estrada
M
Back
Top