?
Solved

Terminal Services Application mode security hole?

Posted on 2005-03-03
9
Medium Priority
?
183 Views
Last Modified: 2013-12-04
Hi,

We have a Windows 2000 Terminal Server installed in Application Mode.

When a user log's in they are presented with Word only (No start bar etc just word) as setup in the Environment tab.

However if you get the open dialog box up and RHMC on My Computer it displays this message (Below) and then the windows Shell apears.

How do I stop this as it is a bit of a secuiry issue?

Error
Cannot find the file '/e,/idlist,:1392:2320,'(or one of its components). Make sure the path and filename are correct and that all required libuiraries are available.

Help!!

Cheers
Pete
0
Comment
Question by:pforeman
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
9 Comments
 
LVL 3

Expert Comment

by:jeffrash
ID: 13494334
I'm not sure what tyou mean by RHMC. Could you expand on that?

Jeff
0
 
LVL 2

Author Comment

by:pforeman
ID: 13494371
Sorry.. ;-)

Right Hand Mouse Click

Pete
0
 
LVL 3

Expert Comment

by:jeffrash
ID: 13519738
OK, I get it now. :)

So after the error message comes up, users are given a command prompt window? If so you could set up the machine to allow only allowed applications to run, or not to run.

In a domain create a GPO or in a stand alone system you can use gpedit.msc. Any...

In a GPO locate 'User Configuration' -> 'Administrative Templates' -> 'System' and then there are two options to set. You can use 'Run only allowed Windows Applications' or you could try 'Don't run specified Windows applications'.

Under 'Don't run specified Windows applications' you could add cmd.exe or under 'Run only allowed Windows Applications' you could enter winword.exe

Hope that helps
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 2

Author Comment

by:pforeman
ID: 13523850
No not a command prompt. After clicking on OK it then gives me the rest of the windows enviroment. (IE the start menu/desktop etc)

Pete
0
 
LVL 3

Accepted Solution

by:
jeffrash earned 1000 total points
ID: 13524670
Sorry, I totally misunderstood.

But did you try making changes to 'Run only allowed Windows Applications'? You could also deny access to "explorer.exe" through 'Don't run specified Windows applications' . That is the program that brings up the windows desktop.
0
 
LVL 2

Author Comment

by:pforeman
ID: 13583508
Sorry been away.  I will try it out next week.

Pete
0
 
LVL 2

Author Comment

by:pforeman
ID: 14220524
I'm sorry for forgetting this post I have had issues!
I have not had time to look at this so I will accept jeffrash's answer and close the question.

Sorry :o)
0

Featured Post

Threat Trends for MSPs to Watch

See the findings.
Despite its humble beginnings, phishing has come a long way since those first crudely constructed emails. Today, phishing sites can appear and disappear in the length of a coffee break, and it takes more than a little know-how to keep your clients secure.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Security measures require Windows be logged in using Standard User login (not Administrator).  Yet, sometimes an application has to be run “As Administrator” from a Standard User login.  This paper describes how to create a shortcut icon to launch a…
Our Group Policy work started with Small Business Server in 2000. Microsoft gave us an excellent OU and GPO model in subsequent SBS editions that utilized WMI filters, OU linking, and VBS scripts. These are some of experiences plus our spending a lo…
Have you created a query with information for a calendar? ... and then, abra-cadabra, the calendar is done?! I am going to show you how to make that happen. Visualize your data!  ... really see it To use the code to create a calendar from a q…
In this video, Percona Solution Engineer Rick Golba discuss how (and why) you implement high availability in a database environment. To discuss how Percona Consulting can help with your design and architecture needs for your database and infrastr…
Suggested Courses
Course of the Month12 days, 17 hours left to enroll

777 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question