How can I limit remote access to 1 folder or application (QuickBooks) in Windows XP

Posted on 2006-04-30
Last Modified: 2013-11-21
I have a client who wants his book keeper to access his QB files only and leave the rest of his computer secure. Go to My PC, Logmein and Radmin2.2 all seem to give the guest full range of the computer. Any suggestions how I can do this
Thank you
Question by:RGB128
    LVL 12

    Expert Comment

    is this your scenario
    there is a computer

    he loged in to this computer as user name "logmein"
    and you what this user to access only perticular folder "onlyme"

    is this you what?

    if thats the case, considering XP machine
    the user "logmein" with be limited user account.
    by this he can see all files, but cannot change the files..
    then you have to right click on "onlyme" go to security, and give full rites to that folder for the user "logmein", you have to do this under administrator login.

    by this "logmein" user can see all files but cannot change,
    however he can change the files in "onlyme" folder

    let me know what exacly you want to achieve

    LVL 4

    Expert Comment

    not with RAdmin, with Radmin if the computer is logged in to administrator and radmin runs it will see the Administrators desktop... you need to access the computer by Remote Desktop

    set it like this;EN-US;307874
    Here it explains that 1 folder could be shared for local and network use.,, this link is to setup computer with the QB file. and the client software is for bookkeeper access.., So the plan is to create a user on QB PC file holder and so you keep main adminstrator files under protection and only share the QB folder... and only grant user level access to client PC.

    Watya think?,,, Hope it helps


    LVL 4

    Expert Comment

    Try using the windows ntfs share permission settings with RA admin disabled.
    Set up an ftp share or something like that. windows's xp pro comes with iis5.0.    ==> ntfs setup

    LVL 4

    Expert Comment

    by:artofchobo   ==> another interesting ntfs setup

    Expert Comment

    RGB128, you could try what I did on our terminal server and used Group Policy to change the shell application that loads when the user logs on. Set it to the executable of the QuickBooks program you want to be run, and instead of the explorer GUI you will just get that application. When he/she closes that application, it will log them off automatically. According to my trust MS GPO spreadsheet, you can find this in Administrative Templates\Windows Components\Terminal Services
    \"start a program on connection"

    If you want to tighten it up, use Group Policy further to block access to Task Manager (and more importantly the 'run' command from its file menu) and then set folder permissions as advised above.

    LVL 77

    Expert Comment

    by:Rob Williams
    It is very easy to restrict access to the data using NTFS permissions as others have stated, the problem is the user is accessing the machine directly with remote management software and therefore must be a member of some default groups to run the application/s ,and this us would have some access to other folders you seem to be trying to block.
    George's solution above looks far more viable, though a cleaver person could work around those restrictions.

    Expert Comment

    This is true - my local library has a compltely locked-down kiosk system using the MS recommended (and provided) Group Policy can't use anything but internet explorer, locked to their book search webserver, etc....but, what isn't disabled is the small set of icons that appear over pictures when you hover - click the "save" one, unhide some of the folder icons, and you can get to, for example, MSTSC.exe and then remote into any machine you want and bypass it! Sorry, digressing momentarily...

    You can download this and other templates here:

    Author Comment

    Thank you every one who has taken time to give me great advice.
    This is what I did:
    Because  the client is a novice I ended up password protecting his My Documents folder with a third party application and set him up with GOtomyPC. He is happy with that, which is all that counts.
    Thanks again

    LVL 77

    Expert Comment

    by:Rob Williams
    Nice to hear you have a resolution.

    Accepted Solution

    PAQed with points refunded (500)

    Community Support Moderator

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    What Is Threat Intelligence?

    Threat intelligence is often discussed, but rarely understood. Starting with a precise definition, along with clear business goals, is essential.

    Some time ago I faced the need to use a uniform folder structure that spanned across numerous sites of an enterprise to be used as a common repository for the Software packages of the Configuration Manager 2007 infrastructure. Because the procedu…
    ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.
    Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
    After creating this article (, I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

    759 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    13 Experts available now in Live!

    Get 1:1 Help Now