Hi @Mehrdad1993,

When applying different policies to the same OU, you must be careful that the policies don't overlap each other.

If your problem was solved, please don't remember accept the answer as the best response.

Best Regards
Hasan Emre SATILMIŞ

@hasanemresatilmis Note that this affects only the GUI options. The user still can shutdown the system from command line or third-party application.

To prevent more resourceful users from shutting down the system, remove their right to do so. Still in gpedit.msc, go to Computer Configuration / Windows Settings / Security Settings / Local Policies / User Rights Assignment, edit the "Shut down the system" privilege and remove "Users" from the list.

Hi @Jan Ringoš,

Thanks for your completion. When this is added to the policy I mentioned earlier, the result will be as follows in the command prompt.

@Mehrdad1993, is your problem completely solved?

Operation was successfully 

Thank you All.

Glad to hear, you're welcome.

(please don't forget to mark helpful replies)

Hi @Mehrdad1993,

I'm glad to the problem is solved. You're welcome :)

Hi @mjm1231,

Same configuration for users via Group Policy.

User Configuration -> Policies -> Administrative Templates -> Start Menu and Taskbar -> Remove and prevent access to the Shut Down, Restart, Sleep and Hibernate commands. 

@hasanemresatilmis 

Yes. This is the same instruction in the original post. I understand the intent is to prevent them from shutting down a computer they have accessed via RDP. But this does not answer my question.

My question is: How does a user affected by this policy shut down their own personal computer, where they are logged in locally? Wouldn't the same policy also prevent them from shutting down in that instance also?

Hi @mjm1231i,

If you apply this policy via computer configuration for only an OU which includes only servers, client computers won't affect from that policy. Your client computers and servers are in the same OU, you can use WMI filtering for Group Policy.  

@hasanemresatilmisI think you are missing what @mjm1231 is asking which is a side effect of this option that is not ideal for my users who work in and out of the office regularly.  I do not want remote in to reboot when their Office apps do what they do best and "Not Respond"...It took me long enough to get everyone to reboot as a 1st level self-troubleshoot. 

Power options on the Client computer are not the issue here, power options on the Host...when the user is logged in locally is the concern.  For instance, let's say you have users that are accessing their desktops which are on the domain (and their primary device) on RDP via VPN on a laptop (not on the domain) from home.  You wouldn't want the user to Shut Down their Desktop by mistake and not be able to access it remotely and require a physical intervention.  However if you make the change to either of the GPEdit.msc settings suggested above they do not have Power Options in the Start Menu when they return to their Domain Desktop and login locally.  You can't give them a script to autorun in command prompt as users are denied access as pointed out earlier.  I would think that there would be a Group Policy that you could push that only removes Shut Down options for Remote Desktop Users while connected to TS sessions.  I am going to look into this one and I'll report back if I find resolution.  Any input would be welcomed and appreciated.