Export (0) Print
Expand All
3 out of 4 rated this helpful - Rate this topic

Deny New User Logons to an RD Session Host Server

Applies To: Windows Server 2008 R2

You can configure the user logon mode on the RD Session Host server to prevent new user sessions from being created on the RD Session Host server. This capability was released with Windows Server 2008.

You might want to prevent new user sessions from being created on the RD Session Host server when you are planning to take the RD Session Host server offline for maintenance or to install new applications.

You can specify one of the following settings for the user logon mode:

  • Allow all connections. By default, this setting is selected and is the recommended setting. This allows users to connect remotely to the RD Session Host server to establish a remote session.

  • Allow reconnections, but prevent new logons. If you select this setting, a user who already has a remote session running on the RD Session Host server can reconnect to that session. However, a new user—that is, a user that does not currently have a remote session running on the RD Session Host server—will not be able to connect to the RD Session Host server. If the RD Session Host server is restarted, no users will be able to connect to the RD Session Host server.

  • Allow reconnections, but prevent new logons until the server is restarted. If you select this setting, a user who already has a remote session running on the RD Session Host server can reconnect to that session. However, a new user—that is, a user that does not currently have a remote session running on the RD Session Host server—will not be able to connect to the RD Session Host server. If the RD Session Host server is restarted, the user logon mode will be set to Allow all connections and users will be able to connect to the RD Session Host server.

Use the following procedure to configure the user logon mode on the RD Session Host server.

Membership in the local Administrators group, or equivalent, on the RD Session Host server that you plan to configure, is the minimum required to complete this procedure. Review details about using the appropriate accounts and group memberships at http://go.microsoft.com/fwlink/?LinkId=83477.

To configure the user logon mode on the RD Session Host server
  1. On the RD Session Host server, open Remote Desktop Session Host Configuration. To open Remote Desktop Session Host Configuration, click Start, point to Administrative Tools, point to Remote Desktop Services, and then click Remote Desktop Session Host Configuration.

  2. In the Edit settings area, under General, double-click User logon mode.

  3. On the General tab of the Properties dialog box, select the user logon mode setting that is most appropriate for your environment, and then click OK.

You can also use the change logon command at a command prompt to configure the user logon mode on the RD Session Host server. For more information about command-line tools for Remote Desktop Services, see the Remote Desktop Services Technical Reference (http://go.microsoft.com/fwlink/?LinkId=138135).

If you want to prevent all users—even users with remote sessions running on the RD Session Host server—from being able to connect remotely to the RD Session Host server over a given connection, you can disable the connection. For more information about disabling a connection, see Disable a Remote Desktop Services Connection.

Did you find this helpful?
(1500 characters remaining)
Thank you for your feedback

Community Additions

ADD
Show:
© 2014 Microsoft. All rights reserved.