Terminal services security via browser
-
I am hoping somebody out there can help me with this. We have a demo of our application on a terminal server. We have configured it so it can be accessed using the webbrowser RDP client. If accessed in this way it automatically logs the person on to the server and goes straight to the application logon. There is no desktop and we have ensured that there is no access to explorer. Unfortnatley i still dont think we have done enough. For example i managed to launch explorer from our report engine which allows customization using scripts. Is there anything else i need to be thinking about. I need to be sure the user cannot access any admin tools, launch any applications or access the file system (apart from the tied down folders we want them to.) JJ