Deny Logoff of an Administrator Logged in to the Console Session
Here is a Group Policy setting you can apply in Active Directory to prevent an administrator or other user from logging you off from a machine that you have remotely logged into via the console session.
Policy Path: Administrative Templates\Windows Components\Terminal Services
Supported On: At least Microsoft Windows Server 2003
Help/Explain Text: Specifies whether to allow an administrator attempting to connect to the console of a server to log off an administrator currently logged on to the console. The console session is also known as Session 0. Console access can be obtained by using the /console switch from Remote Desktop Connection in the computer field name or from the command line. If the status is set to Enabled, logging off the connected administrator is not allowed. If the status is set to Disabled, logging off the connected administrator is allowed. If the status is set to Not Configured, logging off the connected administrator is allowed but can be changed at the local computer policy level. This policy is useful when the currently connected administrator does not want to be logged off by another administrator. If the connected administrator is logged off, any data not previously saved is lost.
Registry Settings: HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services!fDisableForcibleLogoff
Recent Comments