Solved

Guest Logon - Single Printer Only - No Interactive Logon For Computers

Posted on 2003-11-13
11
444 Views
Last Modified: 2008-02-01
I would like to have guest account that only allows access to a specific network printer, and nothing else. I do not want this account to be able to log onto any compturs interactively. I pretty much want it to be denied to every other resource out there. Is this possible?
0
Comment
Question by:J. Smith
  • 4
  • 3
  • 3
11 Comments
 
LVL 5

Expert Comment

by:vtobusman
ID: 9741194
Why yes it is....
  What version of windows are you using so that we may be able to assist you better?
0
 
LVL 4

Author Comment

by:J. Smith
ID: 9741215
The client could be anything, it's a printer for customers and salesmen who come in and need to do some quick printing. FYI: The user will be authenticating through W2K Active Directory.
0
 
LVL 5

Accepted Solution

by:
vtobusman earned 50 total points
ID: 9741527
even better  on the win 2k server create and account for the computer and just give him print only permissions and deny log-on locally.. ...wait are the bringing in their laptops ??
and you have no control of the os ??

   hmmm if so then buy this
http://www.compgeeks.com/details.asp?invtid=DI-704P-R
   it 34 bucks hook the wan side to your network.... hook the priter to it.. and the user will plug into it get access to the printer only..... just configure the router with no gateway...
 
0
Efficient way to get backups off site to Azure

This user guide provides instructions on how to deploy and configure both a StoneFly Scale Out NAS Enterprise Cloud Drive virtual machine and Veeam Cloud Connect in the Microsoft Azure Cloud.

 
LVL 4

Author Comment

by:J. Smith
ID: 9741725
they are laptops which i have no control over if it's a customer

the soho print server would not work since employees will be printing to it and accessing other servers.
0
 
LVL 5

Expert Comment

by:vtobusman
ID: 9742127
is it a network printer ie it has an ip address if so the so thing will work just put it in the dmz..
  other than that..
you would need to setup a server with 2 nic in it and dhcp...

i nic connected to your network and the other nic to the network for the customers..
setup dhcp on that interface so that the customer can get an address and the server just set it up as a stand alone print server... remove all gatways on it so the it wont rout from 1 network to the next...
 
  um other than that  good luck
0
 
LVL 1

Expert Comment

by:riannuzzi
ID: 9759716
If you only want to access the printer do this. Have the client login locally NOT into the domain. Set up Standard TCP/IP printing using RAW to the IP address of that printer.
0
 
LVL 4

Author Comment

by:J. Smith
ID: 9766280
What i'm looking for here is for the customer/sales employee to be able to type : \\domain-controller, right click on the printer and click connect. Is this possible to do without giving them access to any other resource?
0
 
LVL 1

Expert Comment

by:riannuzzi
ID: 9766920
Yes you can do that. Just enable your guest account, put in a password, go to the print server properties, go to the printer specific properties and allow the guest account to print only on that printer through the security settings.

Netbios to the print server and click connect. You will then be mapped to the printer. Of course to do this you must have a computer account in the domain and login to the domain with the guest account. You will not be able to login locally to the station and do this.
0
 
LVL 4

Author Comment

by:J. Smith
ID: 9767209
yes, but the guest account is a part of the everyone group which has access to shares with security set to everyone. although those type of shares have low security risks, I do not want customers to have access to them. therefore, I need an account that is capable of listing printers attached to the domain, connect to them and that's about it. maybe this is not possible?
0
 
LVL 1

Expert Comment

by:riannuzzi
ID: 9767408
Customers can only see them if they are shared, it is the folder permissions not the share permissions that decides whether you can access them or not. On a default win2k networks guests can't access any resources... it is you who decides that, anyway you look at it, if the computer has an account in the domain you are at risk, regardless of what username they use. If you are that scared, and i would too, do not have them log-into the domain. Have them login locally and use LPR or RAW to connect directly to a printer, these items will be saved with the profile and they will no have access to your domain....
0

Featured Post

Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Enterprise networks where VoIP phones have been deployed frequently use port configurations that allow both a computer and an IP phone to be plugged into the same switch port but use different VLANs. On Cisco equipment I'm referring to the "native V…
This article is in response to a question (http://www.experts-exchange.com/Networking/Network_Management/Network_Analysis/Q_28230497.html) here at Experts Exchange. The Original Poster (OP) requires a utility that will accept a list of IP addresses …
This Micro Tutorial will teach you how to censor certain areas of your screen. The example in this video will show a little boy's face being blurred. This will be demonstrated using Adobe Premiere Pro CS6.
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…

831 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question