Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
M
M
Magicus2015-07-12 15:26:36
System administration
Magicus, 2015-07-12 15:26:36

Windows 2008R2 limit RDP users to working hours?

Is Windows 2008R2 on which users on RDP come.
It is necessary that each user can enter there only during business hours, for example, from Monday to Friday from 9:00-18:00

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

6 answer(s)
Report
V
Vadim K, 2015-07-13
@Magicus

For such purposes, for terminal servers that are not in the domain, I have two scripts. The first one disables user sessions and makes the user account inactive (the user cannot log in), the second one makes accounts active (the user can log in). List of users in a separate file, scripts are executed through scheduled tasks.
Script #1 (usrs_lock.cmd)

@echo off

for /F "eol=#" %%N in (C:\scripts\users_lock\userslist.txt) do (
  net user %%N /active:no
  
  query user %%N >"C:\scripts\users_lock\session.txt"
  for /F "skip=1 tokens=3," %%i in (C:\scripts\users_lock\session.txt) do logoff %%i
  del session.txt
)

Script #2 (usrs_unlock.cmd)
@echo off

for /F "eol=#" %%N in (C:\scripts\users_lock\userslist.txt) do (
  net user %%N /active:yes
)

Report
T
t_q_l, 2015-07-12
@t_q_l

1) Use the Active Directory domain, set up accounts in it according to the model:
2) At 18:00 kick all users out of the terminal with a script usinglogoff

Report
S
Spetros, 2015-07-12
@Spetros

In general, the task of limiting logon time is a classic and is described in all manuals and tutorials on Windows Server.
But if the system administrator needs a link, then here you go .

Report
E
Eugene, 2015-07-12
@yellowmew

First option :
Restrict access in the firewall only to your local network.
Came to work - work in the terminal.
Arrived after business hours - the security guard wouldn't let us in.
Second option :
We use a logon script for all users that launches the desired program, before that checking the time on the server: you can log in
from 8:45 to 18:15 - run the desired program.
At other times - it is impossible, we do logoff.
The third option has already been described below. Affects logging in after business hours and users' PCs.
fourth option :
According to the schedule, we change permissions to access the connection for a group of terminal users, forcibly throwing them out at 18:15. Or we change the membership of users in the group.
fifth option :
Enable or disable the ability to remotely connect to the server on a schedule

Report
V
Vasily Pechersky, 2015-07-12
@Vasily_Pechersky

In Active Directory users And compters, in the properties of each user there is a Login Time.
All relevant users in your OU, make a Group Policy limit Login Time -> your request is resolved.

Report
A
athacker, 2015-07-13
@athacker

Just remember that bukhs who frantically calculate some annual report at the last moment can give you an unforgettable night (or a weekend, if you're lucky) when they lose access in the midst of work :-)

Similar questions
M
miolini2012-08-10 17:40:17
Is there a motherboard for 4x AMD Opteron 6284 SE? 1Reply
S
ScayTrase2012-08-14 15:05:06
Ubuntu 10.10 Upgrade to LTS or downgrade to LTS? 6Reply
M
Max Ba2018-04-13 13:10:38
What type of network equipment to choose for the office? 1Reply
S
Sergey2018-04-13 19:21:04
What is the best way to upload a backup to the server? 2Reply
V
vlarkanov2018-04-14 21:29:57
Debian 9.4: why doesn't the gre tunnel come up on system startup? 1Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question