Day to day IT help from an IT support professional
Monday, 4 April 2016
deny remote desktop web access with active directory
To restrict this, first we need to create a security group in AD.
Now log into your RD Web Access server and browse to C:\Windows\Web. Right-click the RDWeb folder and choose Properties.
Go to the Security tab and click Edit then Add.
Type the security group name that you just created in AD and hit OK.
Back in the Permissions window, make sure the group is selected, then in the Permissions section (bellow) click the Read & Executebox under the Deny column. Click OK to close all the windows. Choose Yes on the warning messages.
Now, if a user that is part of that security group tries to log in, it will get a deny message. In the future, when you want to restrict someone to log in to RD Web Access just add the account to that security group.