I have several servers that have gui-based applications (NOT running as a service) that must consistently run though out the day.
Currently, we have several users that must interact with the application on a daily basis, so we provide a common user account on that server so the users can log on via terminal services console mode so they can interact with the applications to do their daily tasks.
My question is: How can I configure these servers so the gui applications continue to run on the server, and allow the users to log in using their own AD credentials and still see interact with the gui application?
I know we can do a 'shadow 0' once logged on, but when doing that, you still have to supply the password to the user id that's logged into the console!
I'm trying to prevent my users from having to share a common user id and password to access the application while providing a paper trail of what users were logged on at a specific time.
Surely there's a security savvy person that has accomplished this.
Currently, we have several users that must interact with the application on a daily basis, so we provide a common user account on that server so the users can log on via terminal services console mode so they can interact with the applications to do their daily tasks.
My question is: How can I configure these servers so the gui applications continue to run on the server, and allow the users to log in using their own AD credentials and still see interact with the gui application?
I know we can do a 'shadow 0' once logged on, but when doing that, you still have to supply the password to the user id that's logged into the console!
I'm trying to prevent my users from having to share a common user id and password to access the application while providing a paper trail of what users were logged on at a specific time.
Surely there's a security savvy person that has accomplished this.
Comment