Share via


Managing Permissions on Connections

Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2

Managing permissions on connections

Permissions define how users and groups can access a terminal server, allowing you to secure the server. Terminal Services permissions can be handled easily on a per-computer basis, using the Remote Desktop Users user group and the RemoteInteractiveLogon right. In some cases, however, it might be necessary to manage permissions on a per-connection basis.

Managing Permissions on a per-connection basis

Terminal Services Configuration allows you to manage permissions on an individual connection by means of the Permissions tab in the connection Properties page.

The TCP/IP connection installed with Terminal Services comes with a set of default permissions. You can modify these default permissions by setting different permissions for different users or groups, adjusting them to fit the requirements of your organization. You must be logged on as a member of the Administrators group to manage connection permissions.

The default permissions on Terminal Services objects are as follows:

Group Permission

Administrators

Full control

LOCAL SERVICE

Service permissions

NETWORK SERVICE

Service permissions

Remote Desktop Users

User access

SYSTEM

Full control

Guest

Guest access

For information about managing permissions for users and groups, see Adding users and groups.

For information about the types of permissions used to control access to Terminal Services, see Controlling connection access.