RDP and Group Policy Question
k2737
Member Posts: 10 ■□□□□□□□□□
I am working in a BYOD scenario where some users will be using RDP to login to a machine (it is Server 2008 R2). I want to configure it so when they establish the session their local hard drives does not automatically get mapped and they are not able to copy text from the RDP session back to their host machine. (Want the data on the machine to stay there.)
From what I have been able to find most of the Group Policy settings for RDP are for the client and not for the Server or the host. Since I don't have control over the machine the client is running on, has anyone seen a way around this? Do I need to make the machine a Terminal Server? I really don't want to have to do this...
Any help would be appreciated. Thanks in advance.
- Adam
From what I have been able to find most of the Group Policy settings for RDP are for the client and not for the Server or the host. Since I don't have control over the machine the client is running on, has anyone seen a way around this? Do I need to make the machine a Terminal Server? I really don't want to have to do this...
Any help would be appreciated. Thanks in advance.
- Adam
Comments
-
LeifAlire Member Posts: 106I haven't ever set any GPO's for RDP but here is a listing and what they all support.
Group Policy Settings for Remote Desktop Services in Windows Server 2008 R22015 Goals: VCP-550 - CISA - 70-417 -
k2737 Member Posts: 10 ■□□□□□□□□□So these are the ones that I looked into. The machine that is being RDP'ed into is on a domain that I can control. So I go into the Default Domain Policy and go to Computer Configuration> Policies> Administrative Templates> Windows Components> Remote Desktop Services > Remote Desktop Session Host > Device and Resource Redirection and enable "Do not allow drive redirection". I then reboot the machine and when I RDP into it my local drives still show up. There has to be some way to stop this from happening. I would think a lot of people would utilize this...especially with BYOD.
-
k2737 Member Posts: 10 ■□□□□□□□□□Hmmm...so when I run gpresult /R I do see that the default domain policy is filtered out. Should I create a new OU for the machine in question, then create a specific GPO and apply it to this new OU with the Computer in it?