On-Shore Technology located in Tempe Arizona needed to upgrade their old servers, workstations, and network. N2 Network Solutions designed and implemented a turnkey Windows Server 2008R2 solution. This included a terminal server web solution so that employees can access their applications from the internet.
Command to run to install a new application:
CHANGE USER /INSTALL
Command to run once install is complete:
CHANGE USER /EXECUTE
Create an OU for your terminal servers and put all of your terminal servers in this OU
Create a new GPO(Group Policy Object) for the lockdown of the terminal servers
Under the computer settings of the GPO to use “loopback processing” with the “Replace” option.
Once you create the group policy link it to the OU that you created in step one.
This step is important, you must go into the security properties of the GPO that you created and add the name of ther server with a “$” at the end and give it the “apply” permission.
Add the group that you want to apply this lockdown policy to. You can add authenticated users or domain users.
Make sure the administrator account or administrators group has the deny checkbox for “apply” in the security tab. Entire article can be found here.