Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
T
T
Tosha Marsik2018-06-13 10:04:00
Information Security
Tosha Marsik, 2018-06-13 10:04:00

How to disable connection via RDP to WinServ2008R2 for a specific user from the Internet after entering login\password?

In general, one of the accountants asked to show the entry point to the server from the outside (the other works this way periodically), I actually showed how to connect and everything is fine, but now the management said to cut off access to this accountant from the server from the outside. Disable one user, leave access to the second + we still have auditors connected to the server and completely close access is not an option.
Interested in the actual question: is it possible to close a certain user access to the server via RDP after entering the login and password access, so that it works only through the "working" computer, which actually stands at work in the office?
Yandex with Google already smoked, I haven’t found any information at the moment. Help splash.
MB somehow allow the user to work only from a working computer and prohibit the connection of all other computers to this account?
Updated: or let's allow this user to work on the server only from 08:00 to 19:00

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

4 answer(s)
Report
V
vreitech, 2018-06-13
@fzfx

if the user is allowed to connect to the terminal server via RDP, then he is allowed to do this from any device that is able to break through routing tables and firewall rules to him.
either deny or restrict access from the Internet to the terminal server, or use a VPN to authorize users.

Report
C
CityCat4, 2018-06-13
@CityCat4

Look at the local security policies - there, in my opinion, there is an opportunity to block the login. True, most likely, local login to the server will also be blocked :)

Report
P
Peter Krupnev, 2018-06-24
@peterkrup

Try -
in the command line - lusrmgr.msc - after that
Users - select this bukh - Properties - Member Of - and if there is a group "Remote Desktop Users" - delete it.

Report
C
cinquefoil2016, 2020-10-24
@cinquefoil2016

I recently had to transfer users from one server to another, and those whom I transferred, so that they would not make a mistake with the entrance, I limited them to rdp login through group policies, creating a separate group to prohibit them. For those who are interested, there is a Deny log on through Remote Desktop Services option .

Similar questions
D
dm2015-05-29 13:19:38
The name of the Cyrillic font in the picture? 6Reply
D
demsen2016-03-03 12:08:36
Russian domain registrar with two-factor authorization support? 1Reply
A
Alistair O2018-07-27 06:10:11
How to find the application that calls WScript.exe? 2Reply
D
Da ta2020-07-18 09:57:05
How to track and fence an application in win 10? 3Reply
A
Alexey Skobkin2016-03-11 17:31:06
How to set up peer-to-peer private channels in TeamSpeak? 2Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question