Solved

Guest Logon - Single Printer Only - No Interactive Logon For Computers

Posted on 2003-11-13
11
447 Views
Last Modified: 2008-02-01
I would like to have guest account that only allows access to a specific network printer, and nothing else. I do not want this account to be able to log onto any compturs interactively. I pretty much want it to be denied to every other resource out there. Is this possible?
0
Comment
Question by:J. Smith
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
  • 3
11 Comments
 
LVL 5

Expert Comment

by:vtobusman
ID: 9741194
Why yes it is....
  What version of windows are you using so that we may be able to assist you better?
0
 
LVL 4

Author Comment

by:J. Smith
ID: 9741215
The client could be anything, it's a printer for customers and salesmen who come in and need to do some quick printing. FYI: The user will be authenticating through W2K Active Directory.
0
 
LVL 5

Accepted Solution

by:
vtobusman earned 50 total points
ID: 9741527
even better  on the win 2k server create and account for the computer and just give him print only permissions and deny log-on locally.. ...wait are the bringing in their laptops ??
and you have no control of the os ??

   hmmm if so then buy this
http://www.compgeeks.com/details.asp?invtid=DI-704P-R
   it 34 bucks hook the wan side to your network.... hook the priter to it.. and the user will plug into it get access to the printer only..... just configure the router with no gateway...
 
0
SharePoint Admin?

Enable Your Employees To Focus On The Core With Intuitive Onscreen Guidance That is With You At The Moment of Need.

 
LVL 4

Author Comment

by:J. Smith
ID: 9741725
they are laptops which i have no control over if it's a customer

the soho print server would not work since employees will be printing to it and accessing other servers.
0
 
LVL 5

Expert Comment

by:vtobusman
ID: 9742127
is it a network printer ie it has an ip address if so the so thing will work just put it in the dmz..
  other than that..
you would need to setup a server with 2 nic in it and dhcp...

i nic connected to your network and the other nic to the network for the customers..
setup dhcp on that interface so that the customer can get an address and the server just set it up as a stand alone print server... remove all gatways on it so the it wont rout from 1 network to the next...
 
  um other than that  good luck
0
 
LVL 1

Expert Comment

by:riannuzzi
ID: 9759716
If you only want to access the printer do this. Have the client login locally NOT into the domain. Set up Standard TCP/IP printing using RAW to the IP address of that printer.
0
 
LVL 4

Author Comment

by:J. Smith
ID: 9766280
What i'm looking for here is for the customer/sales employee to be able to type : \\domain-controller, right click on the printer and click connect. Is this possible to do without giving them access to any other resource?
0
 
LVL 1

Expert Comment

by:riannuzzi
ID: 9766920
Yes you can do that. Just enable your guest account, put in a password, go to the print server properties, go to the printer specific properties and allow the guest account to print only on that printer through the security settings.

Netbios to the print server and click connect. You will then be mapped to the printer. Of course to do this you must have a computer account in the domain and login to the domain with the guest account. You will not be able to login locally to the station and do this.
0
 
LVL 4

Author Comment

by:J. Smith
ID: 9767209
yes, but the guest account is a part of the everyone group which has access to shares with security set to everyone. although those type of shares have low security risks, I do not want customers to have access to them. therefore, I need an account that is capable of listing printers attached to the domain, connect to them and that's about it. maybe this is not possible?
0
 
LVL 1

Expert Comment

by:riannuzzi
ID: 9767408
Customers can only see them if they are shared, it is the folder permissions not the share permissions that decides whether you can access them or not. On a default win2k networks guests can't access any resources... it is you who decides that, anyway you look at it, if the computer has an account in the domain you are at risk, regardless of what username they use. If you are that scared, and i would too, do not have them log-into the domain. Have them login locally and use LPR or RAW to connect directly to a printer, these items will be saved with the profile and they will no have access to your domain....
0

Featured Post

Building an interactive eFuture classroom

Watch and learn how ATEN provided a total control system solution including seamless switching matrix switch, HDBaseT extenders, PDU, lighting control to build an interactive eFuture classroom.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

FIPS stands for the Federal Information Processing Standardisation and FIPS 140-2 is a collection of standards that are generically associated with hardware and software cryptography. In most cases, people can refer to this as the method of encrypti…
This is the first one of a series of articles I’ll be writing to address technical issues that are always referred to as network problems. The network boundaries have changed, therefore having an understanding of how each piece in the network  puzzl…
In this video we outline the Physical Segments view of NetCrunch network monitor. By following this brief how-to video, you will be able to learn how NetCrunch visualizes your network, how granular is the information collected, as well as where to f…
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…

691 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question