Guys, have a large Windows 2008 R2/2012 R2 estate. Question came up recently about granularly controlling logon to servers based on more than just authentication. Basically, we would like to be able to control all logons to servers (console/remote desktop
etc.) based on various parameters of the users such as IP address, time of logon, etc. This would be similar to what RRAS provides for remote connections. is there a way of configuring windows to authorize a logon using TACACs/RADIUS or would we need a 3rd
party application with a client running on the server to handle such things?
↧