tvacc
asked on
Establishing User Rights to not allow access to Server Management, but allow to a few programs
I have a Server 2003 with a door access security system program on it. I would like to allow access to the this one program to allow a guard/door personal to enter in data to this program, but not allow them to access the rest of the server items such as rights, logins. users, passswords...etc.
Is there a procedure to do this?
Is there a procedure to do this?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
The server commuicates with a door panel...that allows access. We had it on the server so that all the data is backed up. Let me look at this whole setup further. This may not work per your comments...
Open to any other comments while I am looking this all over.
Open to any other comments while I am looking this all over.
if you still want to do it.
you can modify the policies so that the user can "run only allowed applications" on the server
http://www.microsoft.com/resources/documentation/Windows/2000/server/reskit/en-us/Default.asp?url=/resources/documentation/Windows/2000/server/reskit/en-us/gp/206.asp
you also have option to "Don't run specified Windows applications"
http://www.microsoft.com/resources/documentation/Windows/2000/server/reskit/en-us/Default.asp?url=/resources/documentation/Windows/2000/server/reskit/en-us/gp/207.asp
i guess you can do this per user basis...via domain policies...
or if you give the user a non-admin account to logon and run the application, he will not be able to run the admin software (theorotically) :-)
you can modify the policies so that the user can "run only allowed applications" on the server
http://www.microsoft.com/resources/documentation/Windows/2000/server/reskit/en-us/Default.asp?url=/resources/documentation/Windows/2000/server/reskit/en-us/gp/206.asp
you also have option to "Don't run specified Windows applications"
http://www.microsoft.com/resources/documentation/Windows/2000/server/reskit/en-us/Default.asp?url=/resources/documentation/Windows/2000/server/reskit/en-us/gp/207.asp
i guess you can do this per user basis...via domain policies...
or if you give the user a non-admin account to logon and run the application, he will not be able to run the admin software (theorotically) :-)
Why do you need to run it on the server? I would look at your options. The program shouldn't require that it be run on a server. If it uses a database then you should be able to store the database on the server, but run the client from any workstation.