Establishing User Rights to not allow access to Server Management, but allow to a few programs

I agree with the above statement. As a system analyst....I would never have that setup. And I would advise against it as it is best practice to ONLY allow system ADMINISTRATORS access to the console of a server. Way too danagerous to allow others access. I don't know if the server is a domain controller or not....if it is then this is even more dangerous.

Why do you need to run it on the server?  I would look at your options. The program shouldn't require that it be run on a server. If it uses a database then you should be able to store the database on the server, but run the client from any workstation.

The server commuicates with a door panel...that allows access. We had it on the server so that all the data is backed up.  Let me look at this whole setup further.  This may not work per your comments...

Open to any other comments while I am looking this all over.

if you still want to do it.

you can modify the policies so that the user can "run only allowed applications" on the server

http://www.microsoft.com/resources/documentation/Windows/2000/server/reskit/en-us/Default.asp?url=/resources/documentation/Windows/2000/server/reskit/en-us/gp/206.asp

you also have option to "Don't run specified Windows applications"
http://www.microsoft.com/resources/documentation/Windows/2000/server/reskit/en-us/Default.asp?url=/resources/documentation/Windows/2000/server/reskit/en-us/gp/207.asp

i guess you can do this per user basis...via domain policies...

or if you give the user a non-admin account to logon and run the application, he will not be able to run the admin software (theorotically) :-)