Prevent currently logged on user from denying remote desktop access to admin

[Peter]

Is there a way - reg tweak, group policy setting - to
prevent a user (not admin) who is currently logged on to
a WinXP SP2 machine from denying remote desktop access to
an administrator? From KB 280828:

The user currently logged on to the remote computer will
receive the following error message:
<Domain or Computer Name>\<username> is trying to connect
to this computer. If you allow, you will be disconnected,
but you can resume later. Do you want to allow this
connection?
If the user clicks No, the remote user will get the
message:
<Domain or Computer Name>\<username> is currently logged
on this computer, and did not allow you to connect.

It seems unreasonable to me that a user can prevent an
admin from logging on to the machine. There's gotta be a
solution -- I've looked and found nothing.

Anyone?

Thanks!

 

[Bill Sanderson]

Submit an MSWISH?
http://register.microsoft.com/mswish/suggestion.asp

 

[Guest]

Thanks Bill, I did just that. Also, I configured the
following setting in the Group Policy:

User Configuration\Administrative Templates\Windows
Components\Terminal Services\"Sets rules for remote
control of Terminal Services user sessions" to Enabled:
Full control without user's permission.

I don't know if that will do the trick (I can't terminal
myself with my current setup) but if I find I've nailed
it I'll post back.

Thanks again.

 

[Guest]

Well that sure didn't work: the currently logged on user
(non-admin) can still prevent an admin from logging on
even with that group policy setting enabled. Bummer.

 

[Bill Sanderson]

Yeah--I don't think there is a good solution for this one at the moment.
At least I haven't heard anyone saying they had one!

 

[Jeffrey Randow (MVP)]

Disable Fast User Switching... Then it takes an admin to override a
user login...