How to apply policies to specific users on a Member Server.

I have a Win2k standalone server that is also running Terminal Server.  There are certain users in which I need to lock down their desktops once logged on via Terminal Server.  How do you provide policies to CERTAIN users on a server that is NOT part of a domain?  I was hoping to get a "standard" procedure, as opposed to registry "hacks" or "tricks".  

Thanks very much!!
tsavageAsked:
Who is Participating?
 
dlwyatt82Connect With a Mentor Commented:
As far as group policy is concerned, you don't. There is only a single Group Policy Object to work with (the Local object), so the normal procedure of filtering GPOs by ACL does not apply.

You will need to configure these settings / policies in the registry in some fashion, perhaps by creating a login script for the users whose desktops you wish to lock down.
0
 
fixnixCommented:
If you're not using group policies for anything and don't plan to in the future, you can use the very ugly hack of setting a locked down group policy then denying read access to it for the non-locked down users.  Just be careful that the changes aren't updated immediately or you'll lock yourself down before you can deny yourself read permissions to the policy.  Hopefully there's a better way, but I remember seeing the above concept a while back to have admins unaffected by group policy.  I don't have the url handy that had very detailed instructions on doing this.  If you want to go this route and need more specific info, I can do some digging.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.