There are some simple rules to follow if you want to prevent your users from browsing the file system of your Remote Access server:
1- Make sure you do not give your users administrators rights. Proper user/group rights management is key to limiting access to sensitive data.
2- Open an AdminTool and click on the "Applications" tile.
Click on the "Assign Application" tab:
Select a user from the list on the left and check the "TSplus Remote Taskbar" application. In the example below, the next time the demo user opens a session he will see the TSPlus Remote Taskbar as well as any applications assigned to him, but no Remote Desktop:
Here is the result : Only a taskbar and the assigned application (in this case, a shared folder) are visible for the user "John".