52850_Remote Desktop Session Timeout

Expand / Collapse
Subject: Access Control: Remote Desktop Session Timeout

Type of Security Control: Administrative

The purpose of this procedure is to define the actions to configure remote desktop (RDP) session timeout limits in Windows 2008.

Impact:  Medium

Applies to: Internal

Description: Remote desktop sessions can be configured so they don’t timeout prematurely or they can be set to a strict session time limit.

Applicable Compliance Statements:
NIST SP800-53R4 AC-17

Access to Windows Server 2008

Service Level Agreements: N/A

1. In Windows Server 2008 Navigate to Start > Programs > Administrative Tools > Terminal Services > Terminal Services Configuration.
2. You will see the following screen.
3. Right-click your connection in the Connections window.
4. Select Properties.
5. In the Properties screen you will want to click on the Sessions tab and set the settings as needed.
6. The example below shows a one (1) hour max of active and idle sessions and will disconnect the session after that time has been reached.
7. Once you have the desired settings press Apply and/or OK and you now have new RDP session limits.
8. End.

Owner: Chief Information Security Officer
Questions: Chief Information Security Officer

Rate this Article:

Category: Windows 2008

Last Modified:Thursday, October 12, 2017 9:08 AM


Level: Intermediate

Rated 1 star based on 1 vote

Article has been viewed 10,446 times.

Email Article Email Article

Social Bookmarks Social Bookmarks