Locking down remote desktop using AD GPO
- by Brettski
I am currently locking down a companies remote desktop access via a VPN. What I need to do is disable remote printing, file transfer and clipboard via active directory for the workstations that will be accessed. I am having trouble figuring out which GPO's are used to restrict this.
My basic approach is to restrict VPN users to port 3389 so the will be able to access their work computers remotely but nothing else (I will look into layer 7 scanning later). With this I want to ensure they are unable to transfer and data via files, printing or the clipboard.
The environment is Windows Server 2003