• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 246
  • Last Modified:

How can I limit remote access to 1 folder or application (QuickBooks) in Windows XP

I have a client who wants his book keeper to access his QB files only and leave the rest of his computer secure. Go to My PC, Logmein and Radmin2.2 all seem to give the guest full range of the computer. Any suggestions how I can do this
Thank you
  • 2
  • 2
  • 2
  • +4
1 Solution
is this your scenario
there is a computer

he loged in to this computer as user name "logmein"
and you what this user to access only perticular folder "onlyme"

is this you what?

if thats the case, considering XP machine
the user "logmein" with be limited user account.
by this he can see all files, but cannot change the files..
then you have to right click on "onlyme" go to security, and give full rites to that folder for the user "logmein", you have to do this under administrator login.

by this "logmein" user can see all files but cannot change,
however he can change the files in "onlyme" folder

let me know what exacly you want to achieve

not with RAdmin, with Radmin if the computer is logged in to administrator and radmin runs it will see the Administrators desktop... you need to access the computer by Remote Desktop

set it like this
Here it explains that 1 folder could be shared for local and network use.,, this link is to setup computer with the QB file. and the client software is for bookkeeper access.., So the plan is to create a user on QB PC file holder and so you keep main adminstrator files under protection and only share the QB folder... and only grant user level access to client PC.

Watya think?,,, Hope it helps


Try using the windows ntfs share permission settings with RA admin disabled.
Set up an ftp share or something like that. windows's xp pro comes with iis5.0.
www.msfn.org/board/index.php?showtopic=50394    ==> ntfs setup

Transaction-level recovery for Oracle database

Veeam Explore for Oracle delivers low RTOs and RPOs with agentless transaction log backup and transaction-level recovery of Oracle databases. You can restore the database to a precise point in time, even to a specific transaction.

www.idp.net/ntfs   ==> another interesting ntfs setup
RGB128, you could try what I did on our terminal server and used Group Policy to change the shell application that loads when the user logs on. Set it to the executable of the QuickBooks program you want to be run, and instead of the explorer GUI you will just get that application. When he/she closes that application, it will log them off automatically. According to my trust MS GPO spreadsheet, you can find this in Administrative Templates\Windows Components\Terminal Services
\"start a program on connection"

If you want to tighten it up, use Group Policy further to block access to Task Manager (and more importantly the 'run' command from its file menu) and then set folder permissions as advised above.

Rob WilliamsCommented:
It is very easy to restrict access to the data using NTFS permissions as others have stated, the problem is the user is accessing the machine directly with remote management software and therefore must be a member of some default groups to run the application/s ,and this us would have some access to other folders you seem to be trying to block.
George's solution above looks far more viable, though a cleaver person could work around those restrictions.
This is true - my local library has a compltely locked-down kiosk system using the MS recommended (and provided) Group Policy template..you can't use anything but internet explorer, locked to their book search webserver, etc....but, what isn't disabled is the small set of icons that appear over pictures when you hover - click the "save" one, unhide some of the folder icons, and you can get to, for example, MSTSC.exe and then remote into any machine you want and bypass it! Sorry, digressing momentarily...

You can download this and other templates here: http://www.microsoft.com/downloads/details.aspx?familyid=354b9f45-8aa6-4775-9208-c681a7043292&displaylang=en
RGB128Author Commented:
Thank you every one who has taken time to give me great advice.
This is what I did:
Because  the client is a novice I ended up password protecting his My Documents folder with a third party application and set him up with GOtomyPC. He is happy with that, which is all that counts.
Thanks again

Rob WilliamsCommented:
Nice to hear you have a resolution.
PAQed with points refunded (500)

Community Support Moderator

Featured Post

Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

  • 2
  • 2
  • 2
  • +4
Tackle projects and never again get stuck behind a technical roadblock.
Join Now