You can do the following in order to configure your terminal server for maximum security.
1. Disable the TsInternetUser account from the system. This is just a default account used for TS Internet connector licensing mode for anonymous user.
- Right click on my computer and select manage.
- Expand Local users and groups and click on the users folder.
- Double click on the TsInternetUser account.
- Check the Account Is Disabled checkbox and click ok.
2. Configure RDP-TCP Settings on your Terminal services configuration.
- Click on start, programs, administrative tools, terminal services configuration.
- Double click on RDP-TCP and change the following settings:
- On the general tab, select high for the encryption level.
- On sessions tab, select end a disconnected session after 15 minutes, idle session limit after 30 minutes, check the ?override user settings? and select the ?end session? radio button.
- On the permissions tab, set permission per user instead of per administrator if necessary. The system account is NEEDED. Do not delete.
- On the client settings tab, disable ?Windows printer mapping? and ?LPT port mapping?.
3. Click OK and exit from terminal services configuration.
- security, windows, terminal
- 31 Users Found This Useful
