Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

windows 2003 users machine security

Posted on 2004-08-23
3
154 Views
Last Modified: 2013-12-16
All,

I have migrated my domain to 2003 from NT4 and Im just starting to realise the depth of polcies and security I can have, its quite daunting, my company had a legacy of setting the domain users to be the local administrators of  their own machines (just adding the domain users to the local administrators group) this if course made the user a local admin and the ability to do anything. When i ran the computer migration I decided to take this out.......which i thought would aid security...and stop people having local admin rights

The problem is that a lot of machines need read/write access to the local C drive because of certain applications that need to write to an ini file in order to work (Toad, Macromedia homesite, citrix, smarterm etc etc)  we have a lot of developers who always require a fair level of access to their local machines, stop/start services etc

How do i set this to allow them to work properley yet not have to give them elevated privelages i.e not add the domain users to the machines local administrators group? I  want to be able to set this at a domain policy level i.e evryone in the domain can write to their own C drive, there must be a security template that I can add to do this...I cant believe Im the only 2003 admin to have had this problem

Any help would be very welcome

0
Comment
Question by:credmood
  • 3
3 Comments
 
LVL 9

Expert Comment

by:jdeclue
ID: 11874092


http://www.microsoft.com/windows2000/en/advanced/help/sag_SCEchecklist.htm?id=748

Microsoft includes predifned security templates, you may want to start with one of these and remove everything you know will harm your end users, then begin to test it.

J
0
 
LVL 9

Expert Comment

by:jdeclue
ID: 11874112
0
 
LVL 9

Accepted Solution

by:
jdeclue earned 500 total points
ID: 11874119
0

Featured Post

Best Practices: Disaster Recovery Testing

Besides backup, any IT division should have a disaster recovery plan. You will find a few tips below relating to the development of such a plan and to what issues one should pay special attention in the course of backup planning.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Now that Expression Web 4.0 (http://www.microsoft.com/expression/products/Upgrade.aspx) is free if you buy or have the full version of Expression Web 3.0, now is the best time to  migrate from FrontPage to Expression Web (http://www.frontpage-to-exp…
Objective of This Article In 1990’s, when I was a budding software professional, I had a lot of confusion about which stream or technology, I had to choose to build my career. In those days, I had lot of confusion like whether to choose System so…
The purpose of this video is to demonstrate how to exclude a particular blog category from the main blog page. This is can be used when a category already has its own tab, or you simply want certain types of posts not to show up on the main blog. …
The purpose of this video is to demonstrate how to Test the speed of a WordPress Website. Site Speed is an important metric of a site’s health. Slow site speed can result in viewers leaving your site quickly and not seeing your content. This…

840 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question