drg's questions

I have a few internet facing Windows (2008 R2) RDP servers and a user that I only want them to have access to the RDP server when they are on our local subnet, but allow the other users to have external access.

Is it possible to limit the RDP access of the user to the internal network only? Better yet, is there a way to limit a group's RDP access by IP?

I looked at using the Windows Firewall, but didn't see anything about limiting a specific user or group's access. I checked some of the group policy setting and could't find anything related to RDP access by IP.

I have a few different AD groups accessing the same remote desktop server (Windows Server 2008 R2) and I need to configure each desktop so that every user in the same group has the same icons appear on their desktop. For instance users in group X need a shortcut to "App A" to open on port 1111 and a shortcut to "App B", while users in Group Y need a shortcut to "App A" to open on port 2222 and a shortcut to "App C".

Is there a way to have the desktop configuration automatically setup for a client based on what group they're a member of?

Is it possible to remotely manage Hyper-V running on Windows Server 2008 R2 with the Hyper-V Manager on Windows 10? I know that the Hyper-V Manager on Windows Server 2012 R2 is not backwards compatible with 2008 R2 (I don't know if Microsoft decided to add backwards compatibility for Hyper-V in Windows 10).

I have a Windows 10 vm with Hyper-V installed and when I try to connect to the host as a domain admin, I get a message that says:

An Error occurred while attempting to connect to server "Virtual1".
Check that the Virtual Machine Management service is running and that you are authorized to connect to the server. 

You do not have the required permission to complete this task. 
Contact the administrator of the authorization policy for the computer 'Virtual1'.

This error message doesn't tell me if I'm wasting my time or not and I have not found any websites stating that Windows 10 Hyper-V Manager is not backwards compatible with Windows Server 2008 R2. I've tried running winrm quickconfig on the host machine, as recommended on another ServerFault page for Windows 10 and Windows Server 2012 R2, but that doesn't seem to help. I'm able to remotely manage Hyper-V on my Windows 7 machine without any problems.

Any help will be greatly appreciated.

Is there a way to programmatically collect a list of users who have logged on to a Windows server (specifically 2008 R2) within the past 30 days or between two dates? There are 2 active directory servers and all users are members of the same domain.

My end goal is to automatically get a list of unique users for each of our servers for SPLA reasons.