Re: How to protect my terminal servers?

Tech-Archive recommends: Fix windows errors by optimizing your registry

---

• From: Venger <venger@xxxxxxxx>
• Date: Sat, 07 Feb 2009 00:42:11 -0600

---

Mrpush wrote:

Venger,

Thanks for your help. I have reviewed the content manager in IE. If I turn this all on from the console, will it apply it to all user sessions?

Or do I need to set it maybe in a GPO or individually?

I also did consider content filtering with my firewall, but it has a limitation of the number of allowed and blocked entries. I would need to upgrade.

What is the "best practice" with content advisor? Seems to me that it would be best to block all content, and then have users ask for permission and I could add the work related sties over a period of time.

It's a bit of work to get setup, but gives total control. I don't want the hassle of downed or rebuilt servers because someone clicked the wrong things.

(I have about 30 users.)

Thanks much,

I suggest you work with it on a standalone PC first to familiarize yourself with how it works. It should apply to all users on the machine once you turn it on. I installed a dummy ratings service that basically rated all pages as forbidden, and then added exceptions as needed.

There will be occassional oddball issues, the big one I've seen is odd javascript behavior because Content Advisor is, after all, a Microsoft product, and it wouldn't be Microsoft of it didn't have shortsighted coding and oddball oddities to deal with. But overall, if you want to lock them down to a handful of sites like yahoo.com or somesuch, it should work (keep in mind that yahoo.com grabs content from other domains, and that can cause a hiccup).

Fact is, it's kind of retarded to run your browser through RDP. It's slow, and any Flash or complex site renders the RDP session near unusable (trying to download printer drivers RDP'd to the console session and going to a manufacturer web site is an exercise in futility). Most folks will figure that out quite easily. Using Content Advisor, you should be able to open up those few sites that you might, for some reason, need to go to during an RDP session.

Venger
.

---

• Follow-Ups:
  • Re: How to protect my terminal servers?
    • From: Mrpush

• References:
  • How to protect my terminal servers?
    • From: Mrpush
  • Re: How to protect my terminal servers?
    • From: Venger
  • Re: How to protect my terminal servers?
    • From: Mrpush

• Prev by Date: TermDD 56 - TS Error
• Next by Date: TS web 2k8 and MOSS 2k7
• Previous by thread: Re: How to protect my terminal servers?
• Next by thread: Re: How to protect my terminal servers?
• Index(es):
  • Date
  • Thread

---

Relevant Pages Re: scheduled task never run on RDP? ... Whether your current session is a console or an RDP session is ... >> I am able to run an already-created scheduled task from the RDP (remote ... > the same account as the account that is used for the ... (microsoft.public.win2000.general) RE: TS session logs off Console session ... When connecting to XP Pro, you always connect to the console, as there's ... When connecting to 2000 or NT4TSE, there is no way to connect via RDP to the ... Microsoft MVP - Terminal Server ... > found that when I start an RDP session it will always logoff the console to ... (microsoft.public.windows.terminal_services) Re: Error 0xc011011 in TS Licensing ... Through an rdp session, and there are no ... The eventlog says it can not ... >hand out any more licenses. ... >>the same problem when you use the console of the LS? ... (microsoft.public.win2000.termserv.apps) Re: Error 0xc011011 in TS Licensing ... I am getting the same error and I get it from an RDp session or the console. ... Mine is saying the database is corrupted and cannot add a certificate to the store. ... (microsoft.public.win2000.termserv.apps)

---

• Windows
• Science
• Usenet

• Archive
• About
• Privacy
• Search
• Imprint

www.tech-archive.net  > Archive  > Windows  > microsoft.public.windows.terminal_services  > 2009-02