I have a virtual server running Windows Server 2008 R2. There are approximately 4 users of the virtual machine that access the machine via RDS. I have noticed several instances where multiple users logged onto the system cause processing problems due to finite system resources (e.g. User 1 and User 2 are both logged in and using too many system resources, causing User 1's application to fail). How can I lock the machine after I log on and start data processing so that other users cannot access the machine or access system resources (i.e. RAM, CPUs)?
-
Are you an Admin? How are they remotely connecting? RDS? – techie007 Apr 20 '15 at 13:41
-
@Ƭᴇcʜιᴇ007 Yes, I am admin. The users access the machine via VPN and remote desktop. – Borealis Apr 20 '15 at 13:46
2 Answers
Limiting the amount of connections to a single user will make sure only one user can utilize the machine at a time.
- Start the Group Policy snap-in, open the Local Security Policy or the appropriate Group Policy
- Navigate to the following location: Local Computer Policy > Computer Configuration>Administrative Templates > Windows Components > Remote Desktop Services> Remote Desktop Session Host> Connections> "Limit number of connections"
- Click “Enabled”
- In the RD Maximum Connections allowed box, type the maximum number of connections to 1, and then click OK.
However, this will create quite a bit of frustration. And you might not even be solving your original problem.
While a lack of resources generally slows down apps and might render them near inoperable, only very few apps actually crash when there aren't enough resources available.
What's much more likely to be happening is that you and another user are using the same process at the same time, and the app is not configured for concurrent usages (for example I know of older accounting software that crashes if a user is trying to connect while another users' session is still open).
In this case you might want to look into setting up rules to disconnect users.
Also as an addendum, maybe proper communication about who will be using the machine and when is a much less technical and easier solution, especially if the other users aren't administrators. As it is easy to see this as an abuse of your privileges to circumvent actual communication in favor of restricting others from logging on.
AFAIK Windows Server 2008 R2 has the multiple RDP session disable by default.
At the registry:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server
fSingleSessionPerUser == 0 -> multiple sessions enable
fSingleSessionPerUser == 1 -> multiple sessions disabled
- 66
- 7
-
This is not actually correct. Multiple sessions for multiple users are enabled by default. Multiple sessions for single users is disabled by default. In other words that setting makes it so that if you reconnect to a host, you take over your old session, in stead of creating a new one. – Reaces Apr 22 '15 at 09:56