I have a Windows 2000 Advanced Server in my kitchen connected to the internet.
It hosts a web site, an e-mail server, etc.
It also does DNS, DHCP, and NAT for the internal network (3 additional PCs, runnign WIndows 98).
HOWEVER, this is the computer we all use regularly to check e-mail and browse the internet, since it is conveniently located and always on.
To do this, I have enabled some users to "log-in-locally" to the server. They use Outlook Express and Internet Explorere primarily.
I am trying to add a "Content filter" application called Cyber Snoop that I hope will prove less restrictive than tradditional filters. I don't want to restrict access to an un-rated page just because it's unrated, and this tool allows you to filter based on both page rating and content analysis.
The instructions for installation on Windows 2000 say that after installing (as Administrator), you should:
a) Run REGEDT32
b) Select HKEY_LOCAL_MACHINE
c) Select SOFTWARE registry key
d) Select Permissions under the SECURITY menu item.
e) In Registry Key Permissions, select "USERS" (i.e.
the users group)
f) Select "Full Control"
g) Under "Advanced.." button select "Reset permissions on all child objects and enable propagation of inheritable permissions"
Now, if they told me to do this on an entry for the specific product, I might understand, but why the whole SOFTWARE key?
What does this change allow a user account to do that was not allowed before?
Is this safe? Unwise? Stupid?
I get the feeling this instructions may have been ment for a Windows 2000 Pro client, not for a server.