+ Post New Thread
Results 1 to 8 of 8
Windows Server 2008 Thread, Terminal Services Connections - Times and Security in Technical; Hi all, I wonder if anyone can tell me if you are able to set a time window on TS ...
  1. #1

    Join Date
    Mar 2008
    Location
    Guildford
    Posts
    73
    Thank Post
    3
    Thanked 0 Times in 0 Posts
    Rep Power
    0

    Terminal Services Connections - Times and Security

    Hi all,

    I wonder if anyone can tell me if you are able to set a time window on TS so that users can only connect between certain hours when working offsite.

    For security reasons one of our Governors does not want people being able to connect after midnight and before 6am.

    Is it also possible to lock an account after three wrong attempts to log in?

    Many thanks for anyone who can help.

  2. #2

    FN-GM's Avatar
    Join Date
    Jun 2007
    Location
    UK
    Posts
    16,054
    Thank Post
    888
    Thanked 1,729 Times in 1,492 Posts
    Blog Entries
    12
    Rep Power
    454
    Quote Originally Posted by LeonieCol View Post
    Hi all,

    I wonder if anyone can tell me if you are able to set a time window on TS so that users can only connect between certain hours when working offsite.

    For security reasons one of our Governors does not want people being able to connect after midnight and before 6am.

    Is it also possible to lock an account after three wrong attempts to log in?

    Many thanks for anyone who can help.
    You could use the built in feature in AD to set logon times. You will find this in the account settings of a user. You can edit users on mass by selecting them all.

    To be honest i dont see how setting logon times would increase security.
    Last edited by FN-GM; 23rd March 2011 at 08:02 PM.

  3. #3

    Join Date
    Dec 2008
    Location
    Essex
    Posts
    2,144
    Thank Post
    1
    Thanked 326 Times in 316 Posts
    Rep Power
    77
    Hi


    You can also set an account to lockout after 3 attempts. Below is some articles which will help you. You can also look at the Default Domain Policy.

    Appendix A: Fine-Grained Password and Account Lockout Policy Review

    Active Directory Domain Services (AD DS) Fine-Grained Password and Account Lockout Policy Step-by-Step Guide

    Sukh

  4. Thanks to sukh from:

    FN-GM (23rd March 2011)

  5. #4

    FN-GM's Avatar
    Join Date
    Jun 2007
    Location
    UK
    Posts
    16,054
    Thank Post
    888
    Thanked 1,729 Times in 1,492 Posts
    Blog Entries
    12
    Rep Power
    454
    Quote Originally Posted by sukh View Post
    Hi


    You can also set an account to lockout after 3 attempts. Below is some articles which will help you. You can also look at the Default Domain Policy.

    Appendix A: Fine-Grained Password and Account Lockout Policy Review

    Active Directory Domain Services (AD DS) Fine-Grained Password and Account Lockout Policy Step-by-Step Guide

    Sukh
    He is not asking about account lockouts, he is asking about restricting logon times...

  6. #5

    Join Date
    Nov 2006
    Location
    Kendal
    Posts
    1,555
    Thank Post
    112
    Thanked 177 Times in 144 Posts
    Rep Power
    71
    Quote Originally Posted by FN-GM View Post
    He is not asking about account lockouts, he is asking about restricting logon times...
    He actually asked about both things.

  7. Thanks to jcollings from:

    FN-GM (23rd March 2011)

  8. #6

    FN-GM's Avatar
    Join Date
    Jun 2007
    Location
    UK
    Posts
    16,054
    Thank Post
    888
    Thanked 1,729 Times in 1,492 Posts
    Blog Entries
    12
    Rep Power
    454
    Quote Originally Posted by jcollings View Post
    He actually asked about both things.
    oh my apologies

    I missed that bit both times.

    Sorry

  9. #7

    Join Date
    Mar 2008
    Location
    Guildford
    Posts
    73
    Thank Post
    3
    Thanked 0 Times in 0 Posts
    Rep Power
    0
    Hi both. Thanks very much. I have never used the logon hours under user properties so will start doing that. I get your point about security, FN-GM, but if it makes the governors feel better then it's worthwhile doing it!

    Thanks SUKH for the lockout articles.

    By the way I am not a 'he'. I am a 'she'!

  10. #8

    FN-GM's Avatar
    Join Date
    Jun 2007
    Location
    UK
    Posts
    16,054
    Thank Post
    888
    Thanked 1,729 Times in 1,492 Posts
    Blog Entries
    12
    Rep Power
    454
    Quote Originally Posted by LeonieCol View Post
    Hi both. Thanks very much. I have never used the logon hours under user properties so will start doing that. I get your point about security, FN-GM, but if it makes the governors feel better then it's worthwhile doing it!

    Thanks SUKH for the lockout articles.

    By the way I am not a 'he'. I am a 'she'!
    There is a group policy to enable if you want to force users to log off when the logon hours expire. If not by defualt if they are aleady logged on they can carry on after the logon hours.

SHARE:
+ Post New Thread

Similar Threads

  1. Terminal services
    By mrbios in forum Windows Server 2008
    Replies: 5
    Last Post: 22nd July 2010, 09:19 AM
  2. Terminal Services - xp
    By kevin_lane in forum Windows Server 2008
    Replies: 7
    Last Post: 3rd April 2009, 12:44 PM
  3. Replies: 8
    Last Post: 23rd April 2008, 10:33 PM
  4. MS Terminal Services Connections
    By Lee_K_81 in forum Thin Client and Virtual Machines
    Replies: 13
    Last Post: 7th November 2007, 09:49 AM
  5. terminal services and symantec web security
    By Uraken in forum Thin Client and Virtual Machines
    Replies: 0
    Last Post: 14th February 2007, 10:27 AM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •