none
GPO RDP Client Lockdown

    Question

  • Hi All,

    We have a number of users that rdp to our servers unfortunately there are a number of service accounts (interactive) that the passwords are known by  these users. Is there a way to lock down the RDP client on the machine so they cannot change the credentials of a session. I thought that you might be able to only use the credential you logged in to the machine that is initiating the rdp session but I cannot seem to find it

    Regards

    Friday, March 6, 2015 1:17 AM

Answers

  • Hi,

    >> Is there a way to lock down the RDP client on the machine so they cannot change the credentials of a session.

    Does this mean that we want to prevent users from using these service accounts during a RDP session? Here, as far as it is known to me, there is no default group policy setting which can help us do this. Besides, based on my understanding, if we don't want to let users use these accounts, we can choose to make the passwords unknown to them.

    Best regards,
    Frank Shen


    Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Monday, March 9, 2015 7:38 AM
    Moderator

All replies

  • Hi,

    >> Is there a way to lock down the RDP client on the machine so they cannot change the credentials of a session.

    Does this mean that we want to prevent users from using these service accounts during a RDP session? Here, as far as it is known to me, there is no default group policy setting which can help us do this. Besides, based on my understanding, if we don't want to let users use these accounts, we can choose to make the passwords unknown to them.

    Best regards,
    Frank Shen


    Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Monday, March 9, 2015 7:38 AM
    Moderator
  • Thanks for that. 


    Tuesday, March 24, 2015 10:49 AM