How to Restrict Access to a RD Session Host Desktop for Particular Users

How to Restrict Access to a RD Session Host Desktop for Particular Users 

There are certain deployment scenarios that require connection restrictions on the end-user side. For example imagine you are using a RD Session Host Desktop to
publish data for your employees but you want to restrict the access to a specific user, let’s say a new employee. In this case you can leave all the server settings
untouched and restrict only the specific user account. In addition, the restriction can also apply for user groups as well.

In order to restrict direct desktop access for particular users and groups, follow the steps below. 

  1. Open the Parallels RAS Console and log in to your farm.
  2. Navigate to Farm > RD Session Hosts. Right-click on the required server and click Properties. In this tutorial, we are using the LABSVR1 RD Session Host.
  3. A new window with the Server Properties will pop up. Navigate to the “Desktop Access” tab.
  4. Uncheck “Inherit default settings” and check the “Restrict direct desktop access to the following users:” box.
  5. Click “Add…” to input users and/or groups, click on “Check Names” to validate, and click “OK”. In this case, “User 2” is added.rdsessionhost
  6. The username will be now visible on the list. Click “OK” and then “Apply” on the Parallels RAS Console to save and apply your settings. 

Now “User 2” will not be able to access any published resources or desktops shared by the LABSVR1 RD Session Host. In this tutorial, you can see that another RD Session Host is set as LABSVR2. If they share the same applications, then “user 2” will be restricted to accessing only LABSVR2 published applications.

Please note that if the user added is member of the Administrators group this restriction will not apply on the connection.

Try Parallels RAS today with a 30-day fully featured trial.