We have 1 server, Windows 2003 Standard Edition with SP2.
This servers acts as domain controller, file server, printer server, application server, remote access/vpn server and a terminal server.
We have 2 hard drives on the server,
c:\ (system drive with applications that are installed on the server)
e:\ (company shared drive)
All users on the domain have access to the e:\ drive.
We would like to restrict this access so that only 2 folders are accessible within the e:\ drive
unc paths
\\servername\company share\index\folder1
\\servername\company share\index\folder2
Here's the twist, we only want restricted access when users are Terminally logged in. Whilst they are in the office they need access to all the files on the e:\ drive. This requirement is to prevent users from accessing sensitive data from home and potentially copying/printing that data.
We attempted this with 2 GPO's. The first was a loopback GPO set to merge and the 2nd was a User lockdown GPO attempting to prevent users access to these files. (if requested I can post the settings of the GPO).
The problem is, users are still able to brwose folders once they have explorer open by either clicking the Up folder button, or clicking the Folders button and then clicking the back button. Then they are able to access any folder they have permission for.
This idea was to try and mask files and folders making it extreamly difficult for a normal user to navigate their way to any where other then the 2 folders they should have access to.
Let me know if you require any more information,
thanks in advanced
Start Free Trial
