Terminal Service Profiles Help

[bbbngowc]

Hi,

I've setup a few new termainl servers and I would like to put some security in place. What I'm looking for is: when a user logs on ONLY TO THESE SPECIFIC Terminal Servers, they are only presented with a desktop with just 1 or two applications. I don't want them to have access to anything else. No "My Documents", Control Panel, Internet Explorer, or start menu for that matter. This is Windows 2003 Enterprise Server. Oh and I only want this security used when logged in via remote desktop. If I log in at the Console I should not have these limitations.

Is this possible? What do I use to accomplish?

Edited August 31, 2009 by bbbngowc

[dubsdj]

It's a pity you dont have 2008 and then you could maybe use remoteapp

[chilifrei64]

This can be done via group policies and other registry hacks and what not..

But what your explaining is Citrix. Hands down.. thats what you need to accomplish this cleanly.

[cluberti]

Chili is correct - what you want to do isn't a feature of Windows TS until 2008 (and even then wasn't robust until 2008 R2). If you need to do this on 2003 server, you need Citrix Presentation Server, period. This can be done with group policy, logon scripts, and ACLing things on the 2003 server, but it's a pain in the rear and isn't 100% a solution either as there are ways around things without Citrix installed.