Solved

windows 2003 users machine security

Posted on 2004-08-23
3
151 Views
Last Modified: 2013-12-16
All,

I have migrated my domain to 2003 from NT4 and Im just starting to realise the depth of polcies and security I can have, its quite daunting, my company had a legacy of setting the domain users to be the local administrators of  their own machines (just adding the domain users to the local administrators group) this if course made the user a local admin and the ability to do anything. When i ran the computer migration I decided to take this out.......which i thought would aid security...and stop people having local admin rights

The problem is that a lot of machines need read/write access to the local C drive because of certain applications that need to write to an ini file in order to work (Toad, Macromedia homesite, citrix, smarterm etc etc)  we have a lot of developers who always require a fair level of access to their local machines, stop/start services etc

How do i set this to allow them to work properley yet not have to give them elevated privelages i.e not add the domain users to the machines local administrators group? I  want to be able to set this at a domain policy level i.e evryone in the domain can write to their own C drive, there must be a security template that I can add to do this...I cant believe Im the only 2003 admin to have had this problem

Any help would be very welcome

0
Comment
Question by:credmood
  • 3
3 Comments
 
LVL 9

Expert Comment

by:jdeclue
ID: 11874092


http://www.microsoft.com/windows2000/en/advanced/help/sag_SCEchecklist.htm?id=748

Microsoft includes predifned security templates, you may want to start with one of these and remove everything you know will harm your end users, then begin to test it.

J
0
 
LVL 9

Expert Comment

by:jdeclue
ID: 11874112
0
 
LVL 9

Accepted Solution

by:
jdeclue earned 500 total points
ID: 11874119
0

Featured Post

Top 6 Sources for Identifying Threat Actor TTPs

Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

Join & Write a Comment

Suggested Solutions

Turn A Profile Picture Into A Cartoon Using Photoshop And Illustrator This tutorial will teach you how to make a cartoon style image out of a regular picture. I have tried to keep the tutorial as simple as possible. I used Adobe CS4 for this tuto…
This article provides a case study on how our local youth baseball league deployed a new website, including the platform selection, implementation and benefits to the league.
The purpose of this video is to demonstrate how to properly insert a Vimeo Video into a WordPress site or Blog. This will be demonstrated using a Windows 8 PC. Go to your WordPress login page. This will look like the following: mywebsite.com/wp…
The purpose of this video is to demonstrate how to reset a WordPress password if you are locked out and cannot reset the password. A typical use would be if you cannot access the email to which WordPress would send the password recovery email to…

746 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now