Thursday, May 21, 2009

Managing permissions on connections

Permissions define how users and groups can access a terminal server, allowing you to secure the server. Terminal Services permissions can be handled easily on a per-computer basis, using the Remote Desktop Users user group and the RemoteInteractiveLogon right. In some cases, however, it might be necessary to manage permissions on a per-connection basis.
Managing Permissions on a per-connection basis
Terminal Services Configuration allows you to manage permissions on an individual connection by means of the Permissions tab in the connection Properties page.
The TCP/IP connection installed with Terminal Services comes with a set of default permissions. You can modify these default permissions by setting different permissions for different users or groups, adjusting them to fit the requirements of your organization. You must be logged on as a member of the Administrators group to manage connection permissions.
The default permissions on Terminal Services objects are as follows:

Group Permission
Administrators Full control

LOCAL SERVICE Service permissions

NETWORK SERVICE Service permissions

Remote Desktop Users User access

SYSTEM Full control

Guest Guest access

For information about managing permissions for users and groups, see Adding users and groups. For information about the types of permissions used to control access to Terminal Services, see Controlling connection access.

No comments:

Post a Comment