If you're using Active Directory you can lock down a terminal session fairly well by applying the group policies descriibed here: http://support.microsoft.com/default.aspx?scid=kb;en-us;278295∏=win2000. If you're using Windows Server 2003, you can also take advantage of Software Restriction Policies to prevent applications from executing without permission. For a simpler solution independent of the operating system and domain structure, there are also third-party products such as triCerat's Simplify Lockdown that hide applications unless you've explicitly enabled them to run in a session and prevent users from exploiting back doors to run unauthorized applications.
Related Q&A from Christa Anderson, WinIT
Expert Christa Anderson offers some ideas for monitoring who is connecting to a terminal server, and when they are connecting.continue reading
Expert Christa Anderson suggests some third-party software producst that can help in using a scanner with Terminal Services.continue reading
Expert Christa Anderson offers advice for dealing with a crashing spooler service.continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.