Jump to content

Can I block a group from accessing Remote Desktop Web Connection?

Guest D Smith

By Guest D Smith
May 15, 2008 in Windows NT Server

Share

https://extremetechsupport.com/topic/92545-can-i-block-a-group-from-accessing-remote-desktop-web-connection/

Recommended Posts

Guest D Smith

Guest D Smith

Posted May 15, 2008

Posted May 15, 2008

We have a windows 2003 terminal server here in our office that is used by

many internal employees. They login and do their work on the terminal server.

Some time ago we had some IT consultants come in and setup Remote Desktop Web

Connection on the same server as a remote access method. This way some

employees can login to the web page and access the server from outside the

office.

Now I need to figure out a way to restrict the people that can access the

Remote Desktop Web Connection without restricting people from access from

regular remote desktop inside the office.

After lots of searching I cannot find a solution to this problem. Any

setting I find in group policy relates to both types of remote access.

Is there a way that I can grant access to only certain users or groups to

the web access without affecting normal remote desktop?

Thank you!

3 weeks later...

Popular Days

Popular Days

Guest Ratnesh Yadav [MSFT]

Guest Ratnesh Yadav [MSFT]

Posted May 31, 2008

Posted May 31, 2008

Re: Can I block a group from accessing Remote Desktop Web Connection?

Check following link for configuring users permission to access Remote

Desktop Web,

http://www.microsoft.com/windowsxp/using/networking/expert/northrup_03may16.mspx

Ratnesh

"D Smith" <DSmith@discussions.microsoft.com> wrote in message

news:5FB56B32-44C4-4AEF-B439-A47A710F7910@microsoft.com...

> We have a windows 2003 terminal server here in our office that is used by

> many internal employees. They login and do their work on the terminal

> server.

> Some time ago we had some IT consultants come in and setup Remote Desktop

> Web

> Connection on the same server as a remote access method. This way some

> employees can login to the web page and access the server from outside the

> office.

>

> Now I need to figure out a way to restrict the people that can access the

> Remote Desktop Web Connection without restricting people from access from

> regular remote desktop inside the office.

>

> After lots of searching I cannot find a solution to this problem. Any

> setting I find in group policy relates to both types of remote access.

>

> Is there a way that I can grant access to only certain users or groups to

> the web access without affecting normal remote desktop?

>

>

> Thank you!

Guest Vera Noest [MVP]

Guest Vera Noest [MVP]

Posted May 31, 2008

Posted May 31, 2008

Re: Can I block a group from accessing Remote Desktop Web Connection?

But that article does not answer the OPs question at all.

DSmith, the only concept that comes to my mind is to prohit users

to get to the Remote Desktop website at all. Maybe you can

configure IIS with an extra layer of security.

You will have to create 2 different user groups, like:

RDUsers_from_everywhere and RDUsers_inside_only and give only

members of RDUsers_from_everywhere permission to get to the website

at all.

Drawback is that your permitted users from the outside will have to

authenticate twice, first with IIS and then with the TS.

_________________________________________________________

Vera Noest

MCSE, CCEA, Microsoft MVP - Terminal Server

TS troubleshooting: http://ts.veranoest.net

___ please respond in newsgroup, NOT by private email ___

"Ratnesh Yadav [MSFT]" <Ratnesh.Yadav@microsoft.com> wrote on 31

maj 2008 in microsoft.public.windows.terminal_services:

> Check following link for configuring users permission to access

> Remote Desktop Web,

> http://www.microsoft.com/windowsxp/using/networking/expert/northr

> up_03may16.mspx

>

> Ratnesh

>

> "D Smith" <DSmith@discussions.microsoft.com> wrote in message

> news:5FB56B32-44C4-4AEF-B439-A47A710F7910@microsoft.com...

>> We have a windows 2003 terminal server here in our office that

>> is used by many internal employees. They login and do their

>> work on the terminal server.

>> Some time ago we had some IT consultants come in and setup

>> Remote Desktop Web

>> Connection on the same server as a remote access method. This

>> way some employees can login to the web page and access the

>> server from outside the office.

>>

>> Now I need to figure out a way to restrict the people that can

>> access the Remote Desktop Web Connection without restricting

>> people from access from regular remote desktop inside the

>> office.

>>

>> After lots of searching I cannot find a solution to this

>> problem. Any setting I find in group policy relates to both

>> types of remote access.

>>

>> Is there a way that I can grant access to only certain users or

>> groups to the web access without affecting normal remote

>> desktop?

>>

>>

>> Thank you!

Guest DSmith

Guest DSmith

Posted June 5, 2008

Posted June 5, 2008

Re: Can I block a group from accessing Remote Desktop Web Connecti

Re: Can I block a group from accessing Remote Desktop Web Connecti

This sounds like what I need, do you know of an article or something that I

can read that would explain how to setup this extra layer of security around

IIS?

Thanks!

"Vera Noest [MVP]" wrote:

> But that article does not answer the OPs question at all.

>

> DSmith, the only concept that comes to my mind is to prohit users

> to get to the Remote Desktop website at all. Maybe you can

> configure IIS with an extra layer of security.

> You will have to create 2 different user groups, like:

> RDUsers_from_everywhere and RDUsers_inside_only and give only

> members of RDUsers_from_everywhere permission to get to the website

> at all.

> Drawback is that your permitted users from the outside will have to

> authenticate twice, first with IIS and then with the TS.

>

> _________________________________________________________

> Vera Noest

> MCSE, CCEA, Microsoft MVP - Terminal Server

> TS troubleshooting: http://ts.veranoest.net

> ___ please respond in newsgroup, NOT by private email ___

>

> "Ratnesh Yadav [MSFT]" <Ratnesh.Yadav@microsoft.com> wrote on 31

> maj 2008 in microsoft.public.windows.terminal_services:

>

> > Check following link for configuring users permission to access

> > Remote Desktop Web,

> > http://www.microsoft.com/windowsxp/using/networking/expert/northr

> > up_03may16.mspx

> >

> > Ratnesh

> >

> > "D Smith" <DSmith@discussions.microsoft.com> wrote in message

> > news:5FB56B32-44C4-4AEF-B439-A47A710F7910@microsoft.com...

> >> We have a windows 2003 terminal server here in our office that

> >> is used by many internal employees. They login and do their

> >> work on the terminal server.

> >> Some time ago we had some IT consultants come in and setup

> >> Remote Desktop Web

> >> Connection on the same server as a remote access method. This

> >> way some employees can login to the web page and access the

> >> server from outside the office.

> >>

> >> Now I need to figure out a way to restrict the people that can

> >> access the Remote Desktop Web Connection without restricting

> >> people from access from regular remote desktop inside the

> >> office.

> >>

> >> After lots of searching I cannot find a solution to this

> >> problem. Any setting I find in group policy relates to both

> >> types of remote access.

> >>

> >> Is there a way that I can grant access to only certain users or

> >> groups to the web access without affecting normal remote

> >> desktop?

> >>

> >>

> >> Thank you!

>

Guest Vera Noest [MVP]

Guest Vera Noest [MVP]

Posted June 6, 2008

Posted June 6, 2008

Re: Can I block a group from accessing Remote Desktop Web Connecti

Re: Can I block a group from accessing Remote Desktop Web Connecti

Try posting in an IIS newsgroup, they can surely tell you how to

password-protect a webpage. You can do this in IIS Manager, but I

don't know the details.

_________________________________________________________

Vera Noest

MCSE, CCEA, Microsoft MVP - Terminal Server

TS troubleshooting: http://ts.veranoest.net

___ please respond in newsgroup, NOT by private email ___

=?Utf-8?B?RFNtaXRo?= <DSmith@discussions.microsoft.com> wrote on

05 jun 2008 in microsoft.public.windows.terminal_services:

> This sounds like what I need, do you know of an article or

> something that I can read that would explain how to setup this

> extra layer of security around IIS?

>

> Thanks!

>

> "Vera Noest [MVP]" wrote:

>

>> But that article does not answer the OPs question at all.

>>

>> DSmith, the only concept that comes to my mind is to prohit

>> users to get to the Remote Desktop website at all. Maybe you

>> can configure IIS with an extra layer of security.

>> You will have to create 2 different user groups, like:

>> RDUsers_from_everywhere and RDUsers_inside_only and give only

>> members of RDUsers_from_everywhere permission to get to the

>> website at all.

>> Drawback is that your permitted users from the outside will

>> have to authenticate twice, first with IIS and then with the

>> TS.

>>

>> _________________________________________________________

>> Vera Noest

>> MCSE, CCEA, Microsoft MVP - Terminal Server

>> TS troubleshooting: http://ts.veranoest.net

>> ___ please respond in newsgroup, NOT by private email ___

>>

>> "Ratnesh Yadav [MSFT]" <Ratnesh.Yadav@microsoft.com> wrote on

>> 31 maj 2008 in microsoft.public.windows.terminal_services:

>>

>> > Check following link for configuring users permission to

>> > access Remote Desktop Web,

>> > http://www.microsoft.com/windowsxp/using/networking/expert/nor

>> > thr up_03may16.mspx

>> >

>> > Ratnesh

>> >

>> > "D Smith" <DSmith@discussions.microsoft.com> wrote in message

>> > news:5FB56B32-44C4-4AEF-B439-A47A710F7910@microsoft.com...

>> >> We have a windows 2003 terminal server here in our office

>> >> that is used by many internal employees. They login and do

>> >> their work on the terminal server.

>> >> Some time ago we had some IT consultants come in and setup

>> >> Remote Desktop Web

>> >> Connection on the same server as a remote access method.

>> >> This way some employees can login to the web page and access

>> >> the server from outside the office.

>> >>

>> >> Now I need to figure out a way to restrict the people that

>> >> can access the Remote Desktop Web Connection without

>> >> restricting people from access from regular remote desktop

>> >> inside the office.

>> >>

>> >> After lots of searching I cannot find a solution to this

>> >> problem. Any setting I find in group policy relates to both

>> >> types of remote access.

>> >>

>> >> Is there a way that I can grant access to only certain users

>> >> or groups to the web access without affecting normal remote

>> >> desktop?

>> >>

>> >>

>> >> Thank you!

Share

https://extremetechsupport.com/topic/92545-can-i-block-a-group-from-accessing-remote-desktop-web-connection/

Go to topic listing

Similar Content
- Why am I receiving a "Remote desktop license issue" alert when trying to log in to a server via Remote Desktop from a specific PC, while other PCs can
  
  By Guest Majedul Hoque Chowdhury, November 6, 2024
  - 1 reply
  - 80 views
- Remote desktop works local network but not remote.
  
  By Guest Maynard68, October 27, 2024
  - 0 replies
  - 22 views
  - Guest
  - October 27, 2024
- Can’t connect to Remote Desktop from different subnet
  
  By Guest Billy Patterson, September 17, 2024
  - 0 replies
  - 4 views
  - Guest
  - September 17, 2024
- Hidden remote access/screen share
  
  By Guest multi client, October 31, 2024
  - 0 replies
  - 25 views
  - Guest
  - October 31, 2024
- Accessing remote MSMQ Queue issue
  
  By Guest sushant kora, October 31, 2024
  - 0 replies
  - 21 views
  - Guest
  - October 31, 2024

×

Browse
- Back
- Forums
- Resources
- Downloads
- Link Directory
- Online Users
- Staff
- Blogs
- Events
- Videos
- Leaderboard
Activity
- Back
- All Activity
- Search
- Our Picks
Site Info
Support

×

Create New...