How to restrict RDP smart card redirection?

T

tobestik2015-11-02 15:42:29

Windows

tobestik, 2015-11-02 15:42:29

Hi all!
What is:
10 2k8r2 servers
5 e-tokens
5 ru-tokens
1 win7 workstation
1 person who is sometimes in a hurry
What is all this for?
There is a person (accountant) who sticks different tokens into his slave station and from his workstation connects via rdp to servers (1 token = 1 server = 1 company = 1 bank). Tokens are redirected via rdp. Sits there in banks\reporting.
Problem:
A person is sometimes in a hurry and confuses tokens with servers. For example, he enters server 2 with token 3, which is very bad.
What do you need?
Limit the list of redirected tokens to a specific server.
That is, do this
1server=1token
2server=2token
3server=3token.
etc.
What I tried to do:
I tried to regulate it through GPO. But, as the GPO regulates this through the GUID, and it is the same for the tokens (as far as I understand, the driver for the token emulates the smart card receiver and I see exactly the GUID of this receiver, I could be wrong!)

Reply

Answer the question

In order to leave comments, you need to log in

1 answer(s)

J

Janus74, 2015-12-21
@Janus74

I do not want to be unfounded, but, "no way"
Although there is one crutch, there must be a software that detects the connection of a token, looks at what kind of token, and starts a connection to the desired server.