1

I am currently looking into licensing issues around Microsoft Office when connecting to Terminal Services/RDS.

As Office is licensed per device (for non-O365 variants) and only certain versions of Office are granted Remote Usage Rights on RDS, I am looking to set up a new RDS server with Office installed but want to restrict it so that only specific devices can connect to it.

Ideally this would be done with a Group object in AD which I can can add/remove correctly licensed machines from.

If anyone knows whether this is achievable and how to do it it'd be most appreciated if you could give me some guidance.

Ceisc
  • 111
  • 2
  • Use your software firewall or hardware firewall to do this. How you only allow inbound traffic from certain ip address using Windows Firewall is documented. How your hardware firewall works I am sure is documented if you have one. – Ramhound Aug 30 '17 at 12:54
  • 1
    A simple solution would be to setup a [Windows Firewall rule for incoming TCP port 3389 on an ***Always Secure***](https://i.imgur.com/xvloSLU.png) to only be allowed to connection from [specific machines/computers](https://i.imgur.com/Q0fKkYB.png) in your domain, workgroup, etc. – Vomit IT - Chunky Mess Style Aug 30 '17 at 12:55
  • Restricting access by IP probably won't do it as the client machines will all be DHCP and may be portable and so access the RDS server from other locations and therefore different IPs. – Ceisc Aug 30 '17 at 12:59
  • McDonald's Windows Firewall option looks to be workable as that seems to grant access by computer name rather than IP. I shall give that one a go. Thanks. – Ceisc Aug 30 '17 at 13:00
  • @Ceisc - You might want to mention that fact in your question instead of a comment. – Ramhound Aug 30 '17 at 13:22
  • Be sure that there are no other applicable RDP rules that take precedence as well if you have trouble with it working as expected by after making the change, try to connect from a machine that is not in the *Allowed Computers* list. – Vomit IT - Chunky Mess Style Aug 30 '17 at 13:58

0 Answers0