Re: Terminal Services Setup/Flaw

From: moncho <moncho@xxxxxxxxxxxxxxxxx>
Date: Mon, 12 Nov 2007 14:13:50 GMT

RemyMaza wrote:

I'm a new hire to a company and I've never used TS before. I was given my domain admin priviledges and went to work last week. I was probing and testing the network for any flaws and I found a big one I'd like to fix. I am able to .rdp into the terminal server and from there I'm able to use .rdp into any other server in the network. The problem lies not with my login but with a normal user's login, I'm able to do this. What can I do to prevent normal user's from logging into any machine they want?

Server '03 SP2

What is a "normal" user?

Do you mean any user in the "Users" or "Authenticated Users" group?

I would start there.

I would check to see if there are any group policies setup to allow
this type of access.

If a "normal" users can RDP in a DC, that is a big issue.

If your own login can RDP to any server, that seems OK since
you are the Domain Admin. If that fits your companies security
policies.

moncho
.

Prev by Date: Re: IE Broken?
Next by Date: Terminal Server / Application Server / File Server
Previous by thread: Basic : using terminal services for monitoring
Next by thread: Re: Terminal Services Setup/Flaw
Index(es):
- Date
- Thread

Relevant Pages

Re: RDP to internal client machine?
... Have the router successfully setup to allow VPN to the server, some other activites and can successfully RDP to the server When needed, i've been able to then RDP to other computers within the network, but then comes very slow and uses up one of the RDP connections on the server ... I'm attempting to get a straight RDP connection to ONE of the client machines within the network I don't need it on all but just this one specific computer ... Will my desired setup even work at any point on this SBS setup? ...
(microsoft.public.windows.server.sbs)
RDP to internal client machine?
... Have the router successfully setup to allow VPN to the server, ... to then RDP to other computers within the network, ... machines within the network I ...
(microsoft.public.windows.server.sbs)
Re: RDP to internal client machine?
... Have the router successfully setup to allow VPN to the server, ... activites and can successfully RDP to the ... I'm attempting to get a straight RDP connection to ONE of the client ... machines within the network ...
(microsoft.public.windows.server.sbs)
Re: RDP Connections - Freeze or Reconnect
... You mentioned seeing a red X on the server's network connection in an earlier post. ... I assume you are referring to the NIC connection object on the server. ... I say several ports away because in some cases adjacent switch ports will share the same part. ... Lan users connect directly to internal IP of server through RDP. ...
(microsoft.public.windows.terminal_services)
Re: RDP to internal client machine?
... Have the router successfully setup to allow VPN to the server, ... activites and can successfully RDP to the ... I'm attempting to get a straight RDP connection to ONE of the client ... machines within the network ...
(microsoft.public.windows.server.sbs)