Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Chriss Miller on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

easy way to temporarily disable logon to Terminal Server?

Status
Not open for further replies.
PPettit

PPettit

IS-IT--Management
Sep 13, 2003
511
US
Is there any easy way to temporarily keep users from logging on to my Terminal Server?

Every now and then our software vendor needs to log on remotely (via RDP) in order to make some unscheduled changes to our server and to the application that they sold to us. Most of the time, they need everyone out of the application and usually out of the server as well (due to a re-boot).

We have eight different remote locations so I need a quick way to deny RDP access for everyone except for the administrator and vendor accounts. Any suggestions?
 
Sort by date Sort by votes
I found a close enough answer to my question. It's in the "Local Security Settings" policy . You can "Deny log on through Terminal Services" based on user name or group membership. It appears to override the "Allow log on through Terminal Services" setting on the same page.

Unless I can find a different way to deny access, I still need to figure out how to make the pop-up message more understandable for my users.
 
Upvote 0 Downvote
Remove your users from the local RDP group this way they should not be able to login.
Use the Terminal services manager in administrative tools to send them a message and then log them off.

/Tommy
 
Upvote 0 Downvote
nokker's suggestion of using the Terminal services manager in administrative tools to send them a message and then log them off works very well.

I always schedule our updates for a specific time. Then, 10 minutes before the scheduled time I send a warning message via TS Admin that the users should save their work and log off. 10 minutes later, at the scheduled time, I select all the users still logged on and log them off with no futher warning.

Cheers.

 
Upvote 0 Downvote
Thanks for the replies.

I'm well aware of how to get the users out once they've logged on, but I was searching for a way to keep the users from logging on in the first place.

I don't have a problem when I know in advance that there's going to be some downtime. It's those unscheduled times I mentioned in my original post that are a nuisance. If I didn't know better, I'd think we were beta-testing this software for our vendor.

I still need to find a way to change this:
To log on to this remote computer, you must be granted the Allow log on through Terminal Services right. By default, members of the Remote Desktop Users group have this right. If you are not a member of the Remote Desktop Users group or another group that has this right, or if the Remote Desktop Users group does not have this right, you must be granted this right manually.
Click to expand...

To something like this:
The server is unavailable at this time.
Click to expand...
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Aquiles Vidal
  • Locked
  • Question
Web Browsers in Windows Server or Terminal Server
Replies
0
Views
664
Aquiles Vidal
Aquiles Vidal
MaioMaio
  • Locked
  • Question
Server Remote Desktop License
Replies
0
Views
508
MaioMaio
MaioMaio
DTGMI
  • Locked
  • Question
WIN 10 Pro PC & Adding back to our Network
Replies
0
Views
564
DTGMI
DTGMI
microsGuy16
  • Locked
  • Question
Can not copy files to Mapped drive
Replies
0
Views
653
microsGuy16
microsGuy16
rzammit82
  • Locked
  • Question
Windows Server 2016 - DNS/AD problem
Replies
1
Views
885
suncit
suncit

Part and Inventory Search

Sponsor

Back
Top