Link to home
Start Free TrialLog in
Avatar of merlok
merlok

asked on

Group policies on NT2000 server - configured as workgroup not domain

I have a windows NT2000 server with 9 thinclient users logging in to terminal services.  (also several mixed desktop pc's using the server for file sharing).  I do not have domain configured - just workgroup. I need to drastically restrict the access of 6 users who log on to thin clients).  I have been able to manipulate the policy but it applies to all users logging on to thin clients or console. As I do not have active directory I cannot use OU's.  I have tried altering the sharing on the folder winnt\system32\group policy and sub folders to prevent those users from accessing the policy files but this seems to have no effect. (c drive is formated fat32).

Can I use group policy in this setup ?
Can I move group policy folder to D: (NTFS ) and try ntfs permissions. ?
Can I convert C drive to NTFS ?
Can I convert to domain easily ?

many thanks

Glen
ASKER CERTIFIED SOLUTION
Avatar of Fatal_Exception
Fatal_Exception
Flag of United States of America image
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
SOLUTION
Avatar of dlwyatt82
dlwyatt82
Flag of Canada image
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
SOLUTION
Avatar of Cyber-Dude
Cyber-Dude
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of merlok
merlok

ASKER

on my previous server (NT4 terminal services) I did use regedt32 and manually edited the keys.  On the NT2000 server when I run regedt32 - load hive (NTUSER.dat ) from c:\douments and settings\username the changes I apply seem to make no difference.

This is why I am looking at local group policy.

Am I using regedt32 properly on NT2000?
SOLUTION
Avatar of saito1
saito1
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
SOLUTION
Avatar of Ranidae
Ranidae
Flag of Canada image
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of oBdA
oBdA
Since the terminal server is not part of a domain, it will still process the NT4 style system policies (the predecessor to group policies). Make sure you read the policies part of the Guide below before you start; unlike group policies, the settings defined in a system policy will *not* simply revert back when you set them back to "undefined", you have to undo them explicitly.

Group Policies for Windows 2000 Professional Clients in Windows NT 4.0 Domain or Workgroups
http://support.microsoft.com/?kbid=274478

How to apply System Policy settings to Terminal Server
http://support.microsoft.com/?kbid=192794

Guide to MS Windows NT 4.0 Profiles and Policies
http://www.microsoft.com/technet/prodtechnol/winntas/maintain/prof_pol.mspx