Tuesday, December 28, 2010

Windows Server : Managing the Terminal Services - RDP Permissions

Managing Terminal Services includes tasks such as assigning RDP permissions, configuring connection limits and session time limits, assigning session permissions, viewing processes, monitoring sessions, logging off users, disconnecting sessions, and resetting Terminal Services. Terminal Services Manager is used to perform these administrative tasks. Make sure you understand every task and its implications before you apply it on a production network. Improperly configured permissions can give users more access than they require, or leave them without access they need.

RDP Permissions

Terminal Services Manager allows you to configure various RDP permissions. Permission sets such as Full Control, User Access, Guest Access, and Special Permissions can be assigned to users, clients, and groups. Each permission set contains one or more permissions (see Tables 1 and 2). Figure 1 shows the RDP properties. Figure 2 shows the advanced security settings for RDP. Figure 3 shows RDP permissions.

Table 1. Terminal Services Permissions

| Permission[*] | Description |
|---|---|
| Full Control | Permission set providing Query Information, Set Information, Remote Control, Logon, Logoff, Message, Connect, Disconnect, and Virtual Channels permissions |
| User Access | Permission set providing Query Information, Logon, and Connect permissions |
| Guest Access | Logon permission only |
| Logon | Log on to a Terminal Server session |

[*] The individual permissions are described in more detail in Table 2.

Table 2. Terminal Services Connection Permissions

| Permission | Description |
|---|---|
| Query Information | Allows users to query for information from Terminal Servers and sessions |
| Set Information | Allows users to configure properties of the connection |
| Remote Control | Allows users to view or control other users' sessions |
| Logon | Log on to a Terminal Server session |
| Logoff | Log off a user from the Terminal Server session |
| Message | Allows users to send a message to a user session |
| Connect | Allows users to connect to another user's session |
| Disconnect | Disconnects a user session |
| Virtual Channels | Provides access to the local (client computer's) devices and redirected resources |
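The permission sets in Table 1 can also be checked from a script. The following PowerShell is an added example, not part of the original post: it compares each account's grant on the RDP listener with the permission set it is meant to hold and reports any rights beyond that set. The mask values, the policy table, and the CONTOSO sample accounts are assumptions made for illustration; the sample rows are constructed to look like Win32_TSAccount instances.

```powershell
# Access masks for the Table 1 permission sets. Assumption: these are the
# WINSTATION_* values that Win32_TSAccount.PermissionsAllowed reports.
$PermissionSets = [ordered]@{
    'Full Control' = 0xF03BF   # every session right plus standard rights
    'User Access'  = 0x121     # Query Information + Logon + Connect
    'Guest Access' = 0x20      # Logon only
}

function Get-RdpPermissionSet {
    param([long]$Mask)
    foreach ($name in $PermissionSets.Keys) {
        if ($Mask -eq $PermissionSets[$name]) { return $name }
    }
    'Special Permissions'      # any combination that is not a named set
}

function Test-RdpGrant {
    # $Expected (hypothetical policy): account name -> intended permission set
    param([object[]]$Accounts, [hashtable]$Expected)
    foreach ($a in $Accounts) {
        $mask = [long]$a.PermissionsAllowed
        $want = $Expected[$a.AccountName]
        if (-not $want) { $status = 'Not in policy'; $excess = $mask }
        else {
            $allowed = [long]$PermissionSets[$want]
            $excess  = ($mask -bor $allowed) -bxor $allowed   # bits beyond the intended set
            $status  = if ($excess) { 'Excess rights' } else { 'OK' }
        }
        [pscustomobject]@{
            Account = $a.AccountName
            Actual  = Get-RdpPermissionSet -Mask $mask
            Policy  = $want
            Status  = $status
            Excess  = '0x{0:X}' -f $excess
        }
    }
}

# Constructed sample rows; the third holds User Access plus one extra bit.
$sample = @(
    [pscustomobject]@{ AccountName = 'BUILTIN\Administrators';       PermissionsAllowed = 0xF03BF }
    [pscustomobject]@{ AccountName = 'BUILTIN\Remote Desktop Users'; PermissionsAllowed = 0x121 }
    [pscustomobject]@{ AccountName = 'CONTOSO\helpdesk';             PermissionsAllowed = 0x131 }
    [pscustomobject]@{ AccountName = 'CONTOSO\contractor';           PermissionsAllowed = 0x20 }
)
$policy = @{ 'BUILTIN\Administrators' = 'Full Control'; 'BUILTIN\Remote Desktop Users' = 'User Access'; 'CONTOSO\helpdesk' = 'User Access' }
Test-RdpGrant -Accounts $sample -Expected $policy | Format-Table -AutoSize
```

To audit a live server, replace `$sample` with the output of `Get-WmiObject -Namespace root\cimv2\TerminalServices -Class Win32_TSAccount -Authentication PacketPrivacy`, run from an elevated Windows PowerShell session, and confirm the mask values against a known-good listener first.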

Figure 1. RDP Properties