Yes, that did occur to me. We need to do more testing with that
method. What about other clients? Are there other options that I
might be missing?
On 6/19/2014 3:09 PM, Geoffrey Duke
[log in to unmask]"
RDP as a domain account, and then user “Run as another user”
(shift-right-click on the program icon or shortcut) to
launch a tool as a local user.
Yes, we make
extensive use of RDP -- most importantly, to work remotely
with processes that run for long periods of time. I do use RDP
occasionally for admin tasks that require use of the local
Administrator account. I presume that it's time for a
On 6/17/2014 12:38 PM, Geoffrey Duke
It would do
so only if you are using a local account (e.g., the
Administrator account), or a *-tech account. If you are
using a domain account, with appropriate permissions, RDP
should still work. Do you RDP to workstations?
description sounds like this change will affect the
ability to connect to other workstations via Remote
Desktop Connection. True?
On 6/16/2014 4:54 PM, Geoffrey Duke
As mentioned in the Collaborative IT
Discussion on Wednesday last week, we have made a small
change to the Security Policy on workstations that are
part of the Campus domain. We configured the Deny access
to this computer from the network right, adding the
ETS-LocalAdmins group and the new well-known group Local
[log in to unmask]" border="0"
This limits the utility of
compromised credentials, addressing a common method for
moving through an organization and harvesting additional
credentials. This configuration change shouldn’t impact
the ability to log into a workstation using either a
local account or a *-tech account, but you won’t be able
to use such an account to connect from one workstation
Please let us know if you have any
questions or concerns about this change,
802.656.1172 | Sr System Administrator | Enterprise Technology
University of Vermont