Jump to content

Restrict Server to Console Mode ONLY

Guest CyberQuad

By Guest CyberQuad
in Windows NT Server

 Share

Recommended Posts

Guest CyberQuad

Guest CyberQuad

Posted
Posted

Can a single Windows Server 2003 server (Computer A) be configured to allow

ONLY the /console type of connection from a workstation (Computer B)?

 

We have a requirement so that only a single connection can connect at a time

(which we can control), but it MUST be a "Console" mode connection (session

0) and we do not want to have to change anything on the client workstations.

 

We have many admins that connect to many servers and want to ensure that if

any connect to Computer A they will always be forced into a "Console" mode

connection (session 0), rather than a normal RDP session (session 1 or

higher).

 

Can this be accomplished and what do I need to change on the server to do so?

  • Replies 5
  • Created
  • Last Reply

Popular Days

Popular Days

Guest sen_ismail@web.de

Guest sen_ismail@web.de

Posted
Posted

Re: Restrict Server to Console Mode ONLY

 

Hi,

 

KB 290720 should help!

 

cheers

Ismail

Guest TP

Guest TP

Posted
Posted

Re: Restrict Server to Console Mode ONLY

 

Hi,

 

If you open up Terminal Services Configuration (tscc.msc)

and remove Administrators from the Permissions tab of

RDP-Tcp Properties then your admins will get an error

if they attempt a non-console RDP connection.

 

This assumes default Permissions and that you have not

made your admins a member of the Remote Desktop

Users group.

 

-TP

 

CyberQuad wrote:

> Can a single Windows Server 2003 server (Computer A) be configured to

> allow ONLY the /console type of connection from a workstation

> (Computer B)?

>

> We have a requirement so that only a single connection can connect at

> a time (which we can control), but it MUST be a "Console" mode

> connection (session 0) and we do not want to have to change anything

> on the client workstations.

>

> We have many admins that connect to many servers and want to ensure

> that if any connect to Computer A they will always be forced into a

> "Console" mode connection (session 0), rather than a normal RDP

> session (session 1 or higher).

>

> Can this be accomplished and what do I need to change on the server

> to do so?

Guest Soo Kuan Teo [MSFT]

Guest Soo Kuan Teo [MSFT]

Posted
Posted

Re: Restrict Server to Console Mode ONLY

 

Please keep in mind that there is a potential multiple admins (with

different user account) try to connect to console at the same time, if this

happen, the existing admin user who gets the console session will be logged

off by the next admin.

Thanks

Soo Kuan

 

 

 

--

This posting is provided "AS IS" with no warranties, and confers no rights.

 

"CyberQuad" <CyberQuad@discussions.microsoft.com> wrote in message

news:60C968B9-838A-4111-ABB2-57E6A4FDCF83@microsoft.com...

> Can a single Windows Server 2003 server (Computer A) be configured to

> allow

> ONLY the /console type of connection from a workstation (Computer B)?

>

> We have a requirement so that only a single connection can connect at a

> time

> (which we can control), but it MUST be a "Console" mode connection

> (session

> 0) and we do not want to have to change anything on the client

> workstations.

>

> We have many admins that connect to many servers and want to ensure that

> if

> any connect to Computer A they will always be forced into a "Console" mode

> connection (session 0), rather than a normal RDP session (session 1 or

> higher).

>

> Can this be accomplished and what do I need to change on the server to do

> so?

Guest TP

Guest TP

Posted
Posted

Re: Restrict Server to Console Mode ONLY

 

That is a good point.

 

This behavior can be controlled with the "Deny log off of an

administrator logged in to the console session" group policy

setting.

 

-TP

 

Soo Kuan Teo [MSFT] wrote:

> Please keep in mind that there is a potential multiple admins (with

> different user account) try to connect to console at the same time,

> if this happen, the existing admin user who gets the console session

> will be logged off by the next admin.

> Thanks

> Soo Kuan

Guest Soo Kuan Teo [MSFT]

Guest Soo Kuan Teo [MSFT]

Posted
Posted

Re: Restrict Server to Console Mode ONLY

 

Good catch! This GP also changes the behavior, if an admin forgot to logoff,

other admin may not be able to login to console, its just something to think

about.

Thanks

Soo Kuan

 

 

 

--

This posting is provided "AS IS" with no warranties, and confers no rights.

 

"TP" <tperson.knowspamn@mailandnews.com> wrote in message

news:u0PPArHFIHA.280@TK2MSFTNGP03.phx.gbl...

> That is a good point.

>

> This behavior can be controlled with the "Deny log off of an administrator

> logged in to the console session" group policy setting.

>

> -TP

>

> Soo Kuan Teo [MSFT] wrote:

>> Please keep in mind that there is a potential multiple admins (with

>> different user account) try to connect to console at the same time,

>> if this happen, the existing admin user who gets the console session

>> will be logged off by the next admin.

>> Thanks

>> Soo Kuan

 Share
Go to topic listing
×
×
  • Create New...