Simple user can access applications others than published in TSPlus ?

Get help with troubleshooting issues
Post Reply
Alpin
Posts: 36
Joined: Mon Nov 14, 2016 3:29 pm

Simple user can access applications others than published in TSPlus ?

Post by Alpin » Tue Nov 20, 2018 12:59 pm

Hello,

How to prevent simple users to acess to others applications than published in TSPlus ?

Simple exemple:
We want to publish notepad.exe only (users will only see notepad.exe, not the full desktop)
The user connects to the html5 web interface with his user, click on "Save as" from notepad.exe, and in that window, change path to (e.g.:) C:\Windows\System32,
then scoll down to "cmd.exe"(e.g.), then right click and choose "Open".
Now, you have acess to cmd.exe (e.g.) !

How to prevent user to launch others applications than published in TSPlus ?

Thank you in advance,

Best Regards,

Alex
Top
User avatar
admin
Site Admin
Posts: 1649
Joined: Wed Sep 05, 2012 6:38 am

Re: Simple user can access applications others than published in TSPlus ?

Post by admin » Thu Nov 29, 2018 11:41 am

Hello,

The simplest way to secure your server in this regard is to use RDS Knight and the "One click to secure desktop" feature.
More information about this can be found here : https://www.terminalserviceplus.com/add ... rity-level

With this feature, accessing applications that are not assigned is not possible anymore. You can fully configure this to whitelist application from being blocked.
Olivier
TSplus support team administrator
Image
Top
Post Reply

Return to “Troubleshooting and Problems”