IP based Access Restriction for Terminal Services
IP Subnetting, System administration, Terminal Services, Terminal Services Security, Windows Server 2003, Windows Server 2003 Enterprise Edition, WINTEL, Wintel Server
I am looking for an solution where we can restrict the Terminal services access using IP address in LAN envirinment at OS level. All the servers are in same IP subnet & connected through same network switch. Is anyone tried doing such things. Please suggest if any soultion if available.
Software/Hardware used:
Windows 2003 Enterprise & Standard Editons
Software/Hardware used:
Windows 2003 Enterprise & Standard Editons
ASKED:
January 5, 2011 3:59 AM
UPDATED:
January 6, 2011 1:43 AM
Answer Wiki:
As per my knowledge its not possible to block the users using an IP address, you can make use of your Siwtches or firewall to create an access list to block the teminal service port 3389.
Mean while I am also trying find out the possibilities, if I came accross I will let you know.
Cheers
Yasir
To see all answers submitted to the Answer Wiki: View Answer History.
Dear Yasir
Thanks for your inputs, but as i said this is in same LAN, so there is no firewall coming in between. Also the swicth which we have is normal switch where we can not set any access list.
If you can find any solution which we can implement at OS level please share. Also i have tried the enabling firewall but it stops access from all source. We just need to stop access to from some of the machines.
I sugest you do this through group policy, limiting remote desktop access to a defined group or blocking access to a defined group.
One of the best ways is also to allow remote desktop to administrators only. the rest who are users will not be able to connect.
Unless you really dont’ want them to be even see the remote desktop screen of the servers then I second on the policy settings.