|
Posted by Paul Bergson [MVP-DS] on May 23, 2007, 8:25 am
Please log in for more thread options
I don't know of anyway where you can explicitly disallow a user to use the
console yet be able to logon to the box remotely. The only way I know is
don't allow remote access, via the rdp configuration.
--
Paul Bergson
MVP - Directory Services
MCT, MCSE, MCSA, Security+, BS CSci
2003, 2000 (Early Achiever), NT
http://www.pbbergs.com
Please no e-mails, any questions should be posted in the NewsGroup
This posting is provided "AS IS" with no warranties, and confers no rights.
> Is it possible to disallow console login for certain users/groups?
>
> By console login in mean using RD like so:
>
> mstsc /v:box1 -console
>
> The scenario is that I would like for only one user on the box to be
> allowed to login to the console (session 0). This is because the box
> is running an application that unfortunately cannot be run as a
> service, thus we need to preserve the console login and do not want
> any other user assuming session 0.
>
> I know you can disable kicking off an admin logged in to session 0 in
> gpedit, but i would like to go one step further and explicity deny the
> right to all users except for one.
>
> Is it possible?
>
> Thanks
> JS
>
| 
XML Sitemap