Security – Restrict RDC console session for administrator only in Windows 2003 Server


I have a server (Windows 2003) and different users connect to the server via Remote Desktop Connection. All users have admin rights on it. So sometimes it becomes very difficult for me to RDC to the server because the number of sessions exceeds the limit. The only solution I am looking at now is to restrict the console RDC session to the administrator only. Is it possible?

Best Answer

Well, this is not a good solution, but nevertheless it's worth trying:

Method 1.

Go to Start > Run > gpedit.msc.

Then go to Administrative Templates > Windows Components > Terminal Services and enable the setting “Deny Log off of an administrator logged into the console session”. If the status is set to Enabled, logging off the connected administrator is not allowed.

Run “gpupdate.exe /force” from Command Prompt.

So, in other words, what you need to do is log in to session 0, have the local computer policy configured as above, and NOT log off from the machine. Others won't be able to take over your session.

Hope this helps.

Method 2.

Found a nice article that describes how to change which users or Administrators can connect to the console session:

1. To allow a normal user to connect to the console session, use the following command:

    WMIC RDPermissions where "TerminalName='console'" call AddAccount "domain\UserName", 2

2. To deny administrators access to the console session, use the following command:

    WMIC RDAccount where "TerminalName='console' and AccountName like '%administrators%'" call delete

3. To restore the default setting:

    WMIC RDPermissions where "TerminalName='console'" call RestoreDefaults

So performing the 2nd command and then using the 1st command with your account should give you what you want. Haven't tried it myself, though.
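
The Method 2 commands as a Command Prompt batch file, added here as an example that is not part of the original answer: it lists the console session's accounts before and after the change so the result can be checked before anyone logs off. `DOMAIN\YourAdmin` and the snapshot file name are placeholders, and the grant is run before the removal (the reverse of the order suggested above) so the named account is already on the list when the Administrators entry is deleted.

```batch
@echo off
rem Added example, not from the original answer.
rem ACCOUNT and SNAPSHOT are placeholders chosen for illustration.
setlocal
set "ACCOUNT=DOMAIN\YourAdmin"
set "SNAPSHOT=%TEMP%\console-accounts-before.txt"

rem Record which accounts currently hold permissions on the console session,
rem so the change can be compared against the original state.
wmic RDAccount where "TerminalName='console'" get AccountName,PermissionsAllowed > "%SNAPSHOT%"
type "%SNAPSHOT%"

echo.
echo About to grant %ACCOUNT% console access and remove the Administrators entry.
echo Press Ctrl+C to abort, or
pause

rem Command 1 from the answer: add the named account (preset 2, as in the answer).
rem It runs first so the named account is on the list before anything is removed.
wmic RDPermissions where "TerminalName='console'" call AddAccount "%ACCOUNT%", 2

rem Command 2 from the answer. Inside a batch file each literal percent sign
rem must be doubled, otherwise cmd.exe treats the text between them as a variable name.
wmic RDAccount where "TerminalName='console' and AccountName like '%%administrators%%'" call delete

rem Show the resulting list; confirm the named account is present before logging off.
echo.
echo Console accounts after the change:
wmic RDAccount where "TerminalName='console'" get AccountName,PermissionsAllowed

rem Roll back with command 3 from the answer if the result is not what you expect:
rem   wmic RDPermissions where "TerminalName='console'" call RestoreDefaults
endlocal
```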