[THIN] Re: OTish: Stretching the use case for RDP admin session

• From: TSguy92 Lan <tsguy92@xxxxxxxxx>
• To: thin@xxxxxxxxxxxxx
• Date: Thu, 25 Mar 2010 14:03:39 -0700

Hi Christopher,

1) it is possible with RDP to limit a user to only one session, however this
setting wouldn't work quite as you've depicted:

 - on a windows 2003 server, under admin tools you'll find "terminal
services configuration"
   - highlight "server settings" within this tool and you'll see an option
for "restrict each user to one session".
 - how this setting works is:

  UserA logs onto the server with the "shared account", and starts the
process intensive app.
  UserA disconnects their session.
  UserB logs onto the server with the "shared account", they see the process
intensive app running or completed (essentially the state it was left in by
the last user).

  Now lets presume that UserA doesn't disconnect the session...

  UserA is actively working on the server under the shared account.
  UserB attempts to login to the server using the shared account.
  UserA gets booted off their connection (with no prompts), UserB now has
the connection right where UserA was using it.

 2) Yes if a user manually disconnects, or if somehow they loose network
access and disconnect unexpectedly, the session would still be running and
they would reconnect to it.

  - account and connection options for 'idle' or 'disconnected' timeouts
could potentially clear disconnected sessions, but only if they are setup
(by default they are not).

The setup that's being proposed is doable, but it's also quite possible that
your group of users might be stepping on each other's toes. For what's being
suggested I don't know that a windows 2003 server is really even needed, you
could get away with a dedicated workstation (win 7 / winxp) instead.

HTH

Lan

On Thu, Mar 25, 2010 at 11:43 AM, Christopher Wilson
<christofire@xxxxxxxxx>wrote:

> Hey, List.
>
> Looking for some RDP expertise.  Pardon the inherent kludginess of this
> inquiry.
>
> I have a group of users who are trying to coble together a shared desktop
> solution straight outta LowCash.  The idea is this:  A windows 2003 server
> is accessed as needed by users over RDP from a single shared AD account.
>  From the RDP desktop they run a proc intensive app they don't want to run
> on their own PC's.  Questions:
>
> 1) Is it possible with the out of the box RDP admin sessions to limit a
> given user account to only one connection?  First session would get in,
> subsequent attempts would get an error and logoff because their AD account
> already has an active session.  Would be nice if this could be configured in
> the OS.  Perhaps there is something you could do programatically at logon.
>
> 2) In the above scenario, if I get disconnected, is there a way
> to guarantee I will reconnect to the original session.
>
> Thanks in advance for your insights.
>
> Best regards,
> Christopher
>

• References:
  • [THIN] OTish: Stretching the use case for RDP admin session
    • From: Christopher Wilson

Other related posts:

• » [THIN] OTish: Stretching the use case for RDP admin session- Christopher Wilson
• » [THIN] Re: OTish: Stretching the use case for RDP admin session - TSguy92 Lan
• » [THIN] Re: OTish: Stretching the use case for RDP admin session- Joe Shonk
• » [THIN] Re: OTish: Stretching the use case for RDP admin session- Christopher Wilson
• » [THIN] Re: OTish: Stretching the use case for RDP admin session- Magnus Hjorleifsson
• » [THIN] Re: OTish: Stretching the use case for RDP admin session- Nick Smith

1. Home
2. thin
3. Archive
4. 03-2010

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---