Prev: Don't know if I'm in the right place, but...
Next: Mac RDP 2.0 client & WS2008 R2
From: "Jeff Vandervoort" jeffv at jrvsystems dot on 20 Mar 2010 18:39
Considering setting up WS2008 R2 RDP which will host applications. My
preference is that if someone clicks a hyperlink in an e-mail app that it
opens the URL on the client computer's default browser, NOT on the RD
server. This will enable them to install FakeAV 2010 on their computer
instead of my mine<g>.

My RDP experience is with WS2003, where this is not possible. Is it possible
with WS2008 R2?

If so, does it require a specific version of the RDP client for Windows?
Mac?

TIA

--
Jeff Vandervoort
JRVsystems
http://www.jrvsystems.com


From: Rob Leitman [MSFT] on 20 Mar 2010 23:01

"Jeff Vandervoort" <jeffv at jrvsystems dot com> wrote in message
news:eGRLo4HyKHA.2552(a)TK2MSFTNGP04.phx.gbl...
> Considering setting up WS2008 R2 RDP which will host applications. My
> preference is that if someone clicks a hyperlink in an e-mail app that it
> opens the URL on the client computer's default browser, NOT on the RD
> server. This will enable them to install FakeAV 2010 on their computer
> instead of my mine<g>.
>
> My RDP experience is with WS2003, where this is not possible. Is it
> possible with WS2008 R2?
>
> If so, does it require a specific version of the RDP client for Windows?
> Mac?
>
> TIA

There's nothing in Remote Desktop Services (of any version) to achieve this.

Sorry,

Rob


From: Matt on 22 Mar 2010 18:39
Why not look at using a filtering solution and preventing certain file
extensions from being downloaded all together? If its a work environment
this shouldn't cause too many issues I wouldn't think.

Thanks
Matt

"Jeff Vandervoort" <jeffv at jrvsystems dot com> wrote in message
news:eGRLo4HyKHA.2552(a)TK2MSFTNGP04.phx.gbl...
> Considering setting up WS2008 R2 RDP which will host applications. My
> preference is that if someone clicks a hyperlink in an e-mail app that it
> opens the URL on the client computer's default browser, NOT on the RD
> server. This will enable them to install FakeAV 2010 on their computer
> instead of my mine<g>.
>
> My RDP experience is with WS2003, where this is not possible. Is it
> possible with WS2008 R2?
>
> If so, does it require a specific version of the RDP client for Windows?
> Mac?
>
> TIA
>
> --
> Jeff Vandervoort
> JRVsystems
> http://www.jrvsystems.com
>
>
>
From: "Jeff Vandervoort" jeffv at jrvsystems dot on 23 Mar 2010 21:05
I assure you that this is part of my plan for this business. But the bad
guys are always ahead of the good guys that write virus signatures and
whitelists. And always will be.

--
Jeff Vandervoort
JRVsystems
http://www.jrvsystems.com

"Matt" <matthewt@[#Remove#]regionalit.net.au> wrote in message
news:u7hbWChyKHA.5132(a)TK2MSFTNGP05.phx.gbl...
> Why not look at using a filtering solution and preventing certain file
> extensions from being downloaded all together? If its a work environment
> this shouldn't cause too many issues I wouldn't think.
>
> Thanks
> Matt
>
> "Jeff Vandervoort" <jeffv at jrvsystems dot com> wrote in message
> news:eGRLo4HyKHA.2552(a)TK2MSFTNGP04.phx.gbl...
>> Considering setting up WS2008 R2 RDP which will host applications. My
>> preference is that if someone clicks a hyperlink in an e-mail app that it
>> opens the URL on the client computer's default browser, NOT on the RD
>> server. This will enable them to install FakeAV 2010 on their computer
>> instead of my mine<g>.
>>
>> My RDP experience is with WS2003, where this is not possible. Is it
>> possible with WS2008 R2?
>>
>> If so, does it require a specific version of the RDP client for Windows?
>> Mac?
>>
>> TIA
>>
>> --
>> Jeff Vandervoort
>> JRVsystems
>> http://www.jrvsystems.com
>>
>>
>>
From: Rob on 24 Mar 2010 04:29
Jeff Vandervoort <jeffv> wrote:
> Considering setting up WS2008 R2 RDP which will host applications. My
> preference is that if someone clicks a hyperlink in an e-mail app that it
> opens the URL on the client computer's default browser, NOT on the RD
> server. This will enable them to install FakeAV 2010 on their computer
> instead of my mine<g>.

What you can do is setup a software restriction policy that allows the
users to only execute programs that you explicitly list, or only programs
in directories that the users don't have write access to.

(i.e. they can execute programs in %windir% and %ProgramFiles% but not
in %UserProfile%)

This means they cannot execute anything they have downloaded.
Of course this only works when you don't give your users Admin or
Power User permissions.
 |  Next  |  Last
Pages: 1 2
Prev: Don't know if I'm in the right place, but...
Next: Mac RDP 2.0 client & WS2008 R2