Solved

windows 2003 users machine security

Posted on 2004-08-23
3
156 Views
Last Modified: 2013-12-16
All,

I have migrated my domain to 2003 from NT4 and Im just starting to realise the depth of polcies and security I can have, its quite daunting, my company had a legacy of setting the domain users to be the local administrators of  their own machines (just adding the domain users to the local administrators group) this if course made the user a local admin and the ability to do anything. When i ran the computer migration I decided to take this out.......which i thought would aid security...and stop people having local admin rights

The problem is that a lot of machines need read/write access to the local C drive because of certain applications that need to write to an ini file in order to work (Toad, Macromedia homesite, citrix, smarterm etc etc)  we have a lot of developers who always require a fair level of access to their local machines, stop/start services etc

How do i set this to allow them to work properley yet not have to give them elevated privelages i.e not add the domain users to the machines local administrators group? I  want to be able to set this at a domain policy level i.e evryone in the domain can write to their own C drive, there must be a security template that I can add to do this...I cant believe Im the only 2003 admin to have had this problem

Any help would be very welcome

0
Comment
Question by:credmood
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
3 Comments
 
LVL 9

Expert Comment

by:jdeclue
ID: 11874092


http://www.microsoft.com/windows2000/en/advanced/help/sag_SCEchecklist.htm?id=748

Microsoft includes predifned security templates, you may want to start with one of these and remove everything you know will harm your end users, then begin to test it.

J
0
 
LVL 9

Expert Comment

by:jdeclue
ID: 11874112
0
 
LVL 9

Accepted Solution

by:
jdeclue earned 500 total points
ID: 11874119
0

Featured Post

Why Off-Site Backups Are The Only Way To Go

You are probably backing up your data—but how and where? Ransomware is on the rise and there are variants that specifically target backups. Read on to discover why off-site is the way to go.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Now that Expression Web 4.0 (http://www.microsoft.com/expression/products/Upgrade.aspx) is free if you buy or have the full version of Expression Web 3.0, now is the best time to  migrate from FrontPage to Expression Web (http://www.frontpage-to-exp…
Dramatic changes are revolutionizing how we build and use technology. Every company is automating, digitizing, and modernizing operations. We need a better, more connected way to work together as teams so we can harness the insights from our system…
The purpose of this video is to demonstrate how to reset a WordPress password if you are locked out and cannot reset the password. A typical use would be if you cannot access the email to which WordPress would send the password recovery email to…
The purpose of this video is to demonstrate how to prevent comment spam on a WordPress Website. This will be demonstrated using a Windows 8 PC. Plugin Akismet will be used. Go to your WordPress login page. This will look like the following: myw…

729 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question