Jump to content

"Do not display last username" with Remote Desktop on Server 2008

Guest Timothy

By Guest Timothy
in Windows 2003 Server

 Share

Recommended Posts

Guest Timothy

Guest Timothy

Posted
Posted

I just deployed my first Server 2008 box in our internal environment for

testing. We do nearly all management via remote desktop. One of our

corporate security policies is to NOT show the last logged on user, to

prevent information disclosure of our admin usernames. We use a GPO in our

domain to control the "Interactive logon: Do not display last username"

setting to set it to ENABLED for all servers. This works on all Server 2003

boxes flawlessly. The Server 2008 box works when you are at the physical

console, but when you remote desktop, you are presented with the "logon

icons" where you can select the last user or "other user." This behavior

violates our corporate security policy.

 

I double checked the setting by running rsop.msc. The policy is being

applied and is set to "ENABLED." I also checked the Local Security Policy,

which shows it set to enabled as well, and the little "policy" icon is there

to show group policy governs this setting (so it is not changable).

 

Is there a new setting specific to terminal services? I went to the

Terminal Services administrative template and didn't see anything there that

might be helpful. I also went to the Terminal Services Configuration MMC,

nothing was helpful there either.

 

I'm thoroughly lost here, because from what I read, all you need to do is

set the "Do not display last user name" and all will be well. But it's not

working.

  • Replies 5
  • Created
  • Last Reply

Popular Days

Popular Days

Guest Meinolf Weber

Guest Meinolf Weber

Posted
Posted

Re: "Do not display last username" with Remote Desktop on Server 2008

 

Hello Timothy,

 

If you are fill in the mstsc/remote desktop window the username it will be

automatically saved on the local machine, so make sure that the username

is not set there if you close mstsc/remote desktop. Leave the username field

empty.

 

Best regards

 

Meinolf Weber

Disclaimer: This posting is provided "AS IS" with no warranties, and confers

no rights.

** Please do NOT email, only reply to Newsgroups

** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm

> I just deployed my first Server 2008 box in our internal environment

> for testing. We do nearly all management via remote desktop. One of

> our corporate security policies is to NOT show the last logged on

> user, to prevent information disclosure of our admin usernames. We

> use a GPO in our domain to control the "Interactive logon: Do not

> display last username" setting to set it to ENABLED for all servers.

> This works on all Server 2003 boxes flawlessly. The Server 2008 box

> works when you are at the physical console, but when you remote

> desktop, you are presented with the "logon icons" where you can select

> the last user or "other user." This behavior violates our corporate

> security policy.

>

> I double checked the setting by running rsop.msc. The policy is being

> applied and is set to "ENABLED." I also checked the Local Security

> Policy, which shows it set to enabled as well, and the little "policy"

> icon is there to show group policy governs this setting (so it is not

> changable).

>

> Is there a new setting specific to terminal services? I went to the

> Terminal Services administrative template and didn't see anything

> there that might be helpful. I also went to the Terminal Services

> Configuration MMC, nothing was helpful there either.

>

> I'm thoroughly lost here, because from what I read, all you need to do

> is set the "Do not display last user name" and all will be well. But

> it's not working.

>

Guest Timothy

Guest Timothy

Posted
Posted

Re: "Do not display last username" with Remote Desktop on Server 2

 

Re: "Do not display last username" with Remote Desktop on Server 2

 

I am not filling in the username or password on my terminal service client

(I'm using RD Tabs, which you can turn off NLA and also elect to not supply a

username/password) but even on older mstsc.exe (RDP 5.x) I get the logon

screen and have a choice between two icons, the admin user and "other user."

I cannot get it to STOP showing the admin user after I connect.

  • 4 months later...
Guest Lanwench [MVP - Exchange]

Guest Lanwench [MVP - Exchange]

Posted
Posted

Re: "Do not display last username" with Remote Desktop on Server 2008

 

jay_oasis <jay_oasis.3gnvrc@DoNotSpam.com> wrote:

> did you ever solve this?

>

> I am in the same position.

 

Hi - you've posted a reply to a message that doesn't seem to be on the

server any longer, and you haven't quoted the original text in your message,

so it's unlikely that anyone will know what you're talking about.

 

I suggest you stop using the forum web interface you're using and try a news

client, such as Forte Agent, Thunderbird, or even Outlook Express, rather

than the pretty clunky web interface to the newsgroups. It's a lot easier to

do nearly everything that way. You can mark messages to be watched, filter

the views so you can see replies to your posts easily, and search.

 

The Microsoft public news server is msnews.microsoft.com and you can

subscribe to as many groups as you like; no authentication is required.

 

The following is from a post by MVP Malke ...

 

-------------------------------------------------------

Here's information on Usenet and using a newsreader:

 

http://www.elephantboycomputers.com/page3.html#12-09-02 - a brief

explanation of newsgroups

http://michaelstevenstech.com/outlo...ssnewreader.htm

http://rickrogers.org/setupoe.htm

http://support.microsoft.com/defaul...wto/default.asp

- Set Up Newsreader

 

http://www.dts-l.org/goodpost.htm

http://www.catb.org/~esr/faqs/smart-questions.html

http://aumha.org/nntp.htm - list of MS newsgroups

microsoft.public.test.here - MS group to test if your newsreader is

working properly

http://www.mailmsg.com/SPAM_munging.htm - how to munge email address

http://www.blakjak.demon.co.uk/mul_crss.htm - multiposting vs.

crossposting

 

Some newsreaders for Windows

http://www.forteinc.com/agent/index.php - for Forte

http://www.mozilla.org (Thunderbird does newsgroups)

http://gravity.tbates.org/

 

-------------------------------------

Guest Meinolf Weber

Guest Meinolf Weber

Posted
Posted

Re: "Do not display last username" with Remote Desktop on Server 2008

 

Hello jay_oasis,

 

To what posting are you replying?

 

Best regards

 

Meinolf Weber

Disclaimer: This posting is provided "AS IS" with no warranties, and confers

no rights.

** Please do NOT email, only reply to Newsgroups

** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm

 

> did you ever solve this?

>

> I am in the same position.

>

> http://forums.techarena.in

>

 Share
Go to topic listing
×
×
  • Create New...