Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 261
  • Last Modified:

Establishing User Rights to not allow access to Server Management, but allow to a few programs

I have a Server 2003 with a door access security system program on it.  I would like to allow access to the this one program to allow a guard/door personal to enter in data to this program, but not allow them to access the rest of the server items such as rights, logins. users, passswords...etc.

Is there a procedure to do this?
0
tvacc
Asked:
tvacc
1 Solution
 
mlemanCommented:

its a dangerous thing to do give someone access to a server of all things,

i would set a little client machine up, that connects to the server.

if its a database, you should be able to install the client software on a ordinary pc
0
 
luv2smileCommented:
I agree with the above statement. As a system analyst....I would never have that setup. And I would advise against it as it is best practice to ONLY allow system ADMINISTRATORS access to the console of a server. Way too danagerous to allow others access. I don't know if the server is a domain controller or not....if it is then this is even more dangerous.

Why do you need to run it on the server?  I would look at your options. The program shouldn't require that it be run on a server. If it uses a database then you should be able to store the database on the server, but run the client from any workstation.
0
 
tvaccAuthor Commented:
The server commuicates with a door panel...that allows access. We had it on the server so that all the data is backed up.  Let me look at this whole setup further.  This may not work per your comments...

Open to any other comments while I am looking this all over.

0
 
kiranghagCommented:
if you still want to do it.

you can modify the policies so that the user can "run only allowed applications" on the server

http://www.microsoft.com/resources/documentation/Windows/2000/server/reskit/en-us/Default.asp?url=/resources/documentation/Windows/2000/server/reskit/en-us/gp/206.asp

you also have option to "Don't run specified Windows applications"
http://www.microsoft.com/resources/documentation/Windows/2000/server/reskit/en-us/Default.asp?url=/resources/documentation/Windows/2000/server/reskit/en-us/gp/207.asp

i guess you can do this per user basis...via domain policies...

or if you give the user a non-admin account to logon and run the application, he will not be able to run the admin software (theorotically) :-)
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Tackle projects and never again get stuck behind a technical roadblock.
Join Now