How to prevent remote desktop login when user is logged in locally?
Solution 1
using the group policy editor, browse to:
Administrative Templates\Windows components\Remote desktop services\Remote desktop session host\Connections
look for Set rules for remote control of Remote Desktop Services user sessions and give it Full control with user permission in the options list.
so here the local user is to be promptd for confirmation when someone tries to log in. and it should apply for every login attempt.
Solution 2
This is impossible. Windows 7 is a consumer OS, not a terminal server.
While the components are there for this to happen, that's only a small part of the story. Realize that software development is more than code. For one, Microsoft has to test the configuration along with application that will run under it. What if an applications try to write to the same registry key? On a terminal server this is easy. On a consumer OS, this is unpredictable. What if one user decides to fire up an application that hogs all the local resources. How to you resolve this?
Even worse are if bugs show up, which potentially can crash the system or worse, silently corrupt data. In a world where you can sue people for serving hot coffee, this is an unnecessary risk.
At best, you'll need to hack it. At worse, you've got to realize that you didn't pay for a terminal server.
Solution 3
To enable/disable logons on a windows machine (I know it works in 2K+ and win7, not sure about XP)
Change Logon /Disable
Change Logon /Enable
You can build some scripts around these to do what you want.
Be careful tho, if you are working remotely and get DC'ed, someone has to log on to the machine locally to re-enable logons.
Related videos on Youtube
18 : 44
10 : 45
03 : 38
02 : 46
02 : 37
Juha
Updated on September 18, 2022Comments
-
Juha over 1 year
I have a few windows machines (xp and 7) and I want to allow users to log in remotely using remote desktop (rdp, from any source win, mac, linux, etc.) if others have not logged in.
Currently there is two kind of behavior (if I recall correctly '1' corresponds to win 7 and '2' to xp):
- user logged in is kicked out without warning
- user is asked "Do you want to kick out the person logged in?"
I want to change this to following:
- if local user is logged in, say something like "local user is logged in, go away"
- if remote user is logged in, ask "do you want to kick out remote user?"
The above should be same for all log in attempts local or remote. The user logging in is a generic user i.e. the one logging in and logged in are the same user.
This answer is pretty close what I want to do (waiting time to very large). How do I do it in practise (xp and 7)?
Preventing Remote Desktop from kicking current user on Windows 7
edit:
progress... How do I disable the 30 second delay on Remote Desktop connections to Windows 7 when a user is logged in?
edit2:
more progress... Is Remote\username same as ComputerName\username or username in windows 7/xp?
So basically, I have to check what is %userdomain% and modify logon enabled/disabled (or time delay to make behaviour a bit softer) according to that... I'll try that next week.
-
user1686 almost 13 yearsYou could enable multiple logins instead.
-
Juha almost 13 yearsI would say that its possible. See the link superuser.com/questions/318219/…. I could make the windows ask for confirmation and make the waiting time longer or infinite. This is essentially the same thing as preventing local user kick out. Also the same user problem could be solved by logging in as "remote\username". This should be different that logging in just by "username". At least some Internet rumors claim that. So all the components are there, I just need to combine them.
-
sinni800 over 12 yearsHe only wants ONE user to be logged in. Sorry, but this doesnt really help.
