)
)
As a network administrator, some days will go smoothly. Other days, your infrastructure’s components, devices and apps, the number of staff and users accessing it, and any other variable that might weigh in and multiply potentials, all come together for something quirky to happen.
Ensuring stable secure access to your servers is an ongoing task. It is also multi-faceted. Among your daily responsibilities, checking who has RDP access is essential for both security reasons and operational control. Below, we explain how to perform these checks in Windows and then compare it with the faster and centralised approach in TSplus Remote Access .
What is RDP User Management in Windows?
Some Examples of Tasks
Creating and managing user accounts
Admins create users either locally or through Active Directory. Proper group assignments determine which individuals can connect remotely.
Granting and checking permissions
Users must be part of the Remote Desktop Users group or be administrators with the appropriate rights. These permissions ensure secure but functional access.
Why regular checks are important
Access permissions can become outdated as staff change roles. Routine audits help prevent unauthorized connections and improve compliance with security policies.
Potential Hurdles and Mishaps
Managing RDP access can sometimes lead to unexpected issues:
- Overlapping permissions: Group nesting in Active Directory may conceal who truly has access.
- Revoked rights not applied: Changes in group membership may not take effect immediately if sessions remain active.
- Human error: Admins may forget to remove old accounts, leaving dormant access points.
Recognising these pitfalls helps administrators design better auditing routines and avoid misconfigurations that could compromise. security .
How to Check Who Has RDP Access to a Server in Windows?
Time to get down to business. Start by accessing the device’s local “Computer Management” via a right click on the start menu. In that window, you can scroll down the side menu within System Tools . Expand Local Users and Groups and click to access the Groups list. Here, you should find all the information you need. You can also see the same information in “Task Manager”.
Here are the steps breakdown in list form followed by a description of explicit and implicit authorisations and a note on manual checks.
How to Check RDP Access Using Computer Management
- Open Computer Management by right-clicking the Start menu.
- Navigate to System Tools → Local Users and Groups → Groups .
-
Open
Remote Desktop Users
to see who has access.
- Remember that Administrators may not appear in this list but usually have access by default.
How to Check RDP Access Using Computer Management
-
Use
Task Manager
→
Users
tab to see connected accounts:
The
Users
tab lists active connections and related data.
-
Alternatively, run either of the following commands depending on the information and actions you require.
List local RDP group members with Powershell:
Get-LocalGroupMember -Group "Remote Desktop Users"
Show current sessions (RDS/host) with cmd:query user
query session
These commands report user, session ID, and state (Active/Disconnected). - Settings shortcut (modern Windows & Server): Go to Settings → System → Remote Desktop → Select users that can remotely access this PC to view or add users.
- Confirm the user right that actually allows RDP logon: Even if a user is in Remote Desktop Users they still need the Allow log on through Remote Desktop Services user right. Check via Local Security Policy → Security Settings → Local Policies → User Rights Assignment Limit this right to Administrators and Remote Desktop Users (plus any explicitly allowed groups).
Understanding Group Differences
In the group Remote Desktop Users , those users listed will have been allocated access privileges. Administrators On the other hand, each should by default have access to a device. Bear in mind that administrators may not automatically be listed in their group. They will nonetheless normally be granted default access. In short:
- Remote Desktop Users: explicitly granted access.
- Administrators: implicit access unless restricted by security policy.
Limitations of Manual Checks
On large networks, repeating this process across multiple servers is time-consuming. Active Directory nesting can also obscure visibility of actual RDP permissions.
For reference, Microsoft provides detailed instructions on enabling and checking Remote Desktop access.
What About Alternatives for Checking Who Has RDP Access to a Server?
Limitations of Native tools
Windows built-in tools are reliable for basic checks, but they are rapidly time-consuming and fragmented. Each server requires manual verification, and permissions may be scattered across nested groups in Active Directory. This makes it difficult to maintain a clear overview in larger environments or multi-server infrastructures.
Centralized Ergonomic Tools
For administrators who need centralised visibility and easier control, dedicated remote access software is often a better option. TSplus Remote Access provides you with a complete management console for all your Application publishing and web-enabling Moreover, it includes your user profiles and presence management, and even your farm management, amongst other things.
Essential Items to Check
TSplus consolidates RDP access management and application publication into a single interface. With it, you can:
- View who has permission to log in.
- Check who is currently connected in real time.
- Apply permissions and restrictions across multiple servers in just a few clicks.
Compared to traditional Remote Desktop Services (RDS), TSplus removes unnecessary complexity and licensing overhead. It gives IT teams an affordable, streamlined and secure way to manage RDP access across an entire organization.
How to Check Who Has RDP Access to a Server in Remote Access?
To perform these checks when using TSplus Remote Access, you can look in the same places as above for the device-based information. Here is how you would find that information and more in our environment:
- Centralized User Assignments
- Session Manager View
- ·Permissions and Restrictions
Centralized User Assignments
With TSplus, you can manage a host of user-related assignments in either display & interaction mode available for our Console the Publish & Assign Applications pane (Lite) or the Applications pane (Expert). This makes it easy to confirm which users or groups have permission to log in and use published apps.
Session type and applications assigned to a user:
Assigning Applications to Users or Groups → Centralized User Assignment There you can select a user to view related information.
Assigning Applications to Users or Groups → Centralized User Assignment → Users submenu. With this view, select a specific application to verify which users can access it.
Session Manager View
Open the Session Manager to see all current sessions across servers. From here, you can disconnect, log off or monitor activity, without logging into each server separately.
In the Admin Console, click on the Session Manager button to view a list of users.
The Session Manager displays all active and disconnected sessions in real time. For each user, you can:
-
View session details (status, idle time).
- Disconnect or log off.
- Send messages.
- Take remote control of a session.
When you request one, the user will be prompted thus:
Permissions and Restrictions
Within Sessions → Permissions administrators can control clipboard use, printer redirection, or drive access. Combined with TSplus Advanced Security, this approach helps mitigate risks like brute-force attacks and unauthorized access.
What Are some Further Possibilities within TSplus Remote Access?
- Session Timeouts and Reconnection Options
- Session Prelaunch
- Web Portal Access Restrictions
Session Timeouts and Reconnection Options
You can enforce session limits, prevent multiple concurrent sessions per user, and configure automatic reconnection rules for smoother workflows.
Session Prelaunch
This feature pre-loads sessions before working hours, reducing logon delays. Employees start work instantly without waiting for session initialization.
Web Portal Access Restrictions
TSplus includes a secure HTML5 Web Portal for browser-based access. Administrators can restrict logins to the portal, preventing direct RDP connections and reducing the attack surface. The Sessions → Permissions route above also leads to the Web Portal Access Restrictions menu. You can choose between the following actions: No Restriction , Mandatory , Admins only or Prohibit Admins .
How About a Secure Alternative to Windows Remote Services?
Microsoft’s Remote Desktop Services (RDS) delivers remote applications and desktops but requires multiple roles to function: Session Host, Gateway Broker and Web Access. Added to the rapid fallback on Citrix, this makes RDS powerful but also complex to configure, costly to license, and resource-intensive to maintain at scale.
For many organizations, a lighter yet secure solution is preferable. TSplus Remote Access provides that alternative. Instead of juggling multiple RDS roles, administrators get:
- A streamlined installation that can be set up in minutes.
- A central console to manage applications, users and sessions.
- A customizable HTML5 Web Portal, enabling browser-based access from any device without exposing raw RDP ports .
- Built-in compatibility with TSplus Advanced Security to strengthen protections against brute-force attacks and unauthorized logins.
This makes TSplus an appealing choice for organisations seeking cost savings, reduced complexity and stronger security, all while still delivering smooth remote sessions.
Conclusion
These are some simple checks to perform, whether within Windows or in Remote Access. At any time, monitoring who has RDP access to your servers proves a critical part of maintaining security and efficiency. Whether using Windows’ built-in tools or simplifying management with TSplus Remote Access, regular checks ensure only authorized users connect, reducing risks and keeping your IT environment secure and well-controlled.
With a few clicks you can set up our software to discover its simplicity and ease of use thanks to our 15-day free trial period. Finally, a quick look at our store will give your finance manager the assurance that this is a remote solution which will not break the bank.

TSplus Remote Access Free Trial
Ultimate Citrix/RDS alternative for desktop/app access. Secure, cost-effective, on-premises/cloud