Setting up Domain Policies

Hey,

I am trying to set up domain policies for everyone in the domain. Let say some one logs in to the domain is there a way for me to tellthe domain that they can only save thing on there folder on the server. They can not save anything local. How can I do this can some one help I am on a win2k server
eteranAsked:
Who is Participating?
 
Jay_Jay70Commented:
NTFS permissions would be wiser than trying anything else, you can prevent write but allow read and execute and you SHOULD be ok, but i wouldnt restrict to heavily...
0
 
Jay_Jay70Commented:
you cant stop this via GPO, you can however setup homedrives or redirection polices that redirect to the server when they save to something like my documents
0
 
robjeevesCommented:
Also setup some IT Policies that staff are made aware of.  Get them to sign them then bust them when they disobey them.  While your writing the usage policy include appropriate usage of intenet & email as well.  Technology can stop most things but scaring people works great too. Generally used in conjuction with technology policies are another great way to enforce 'stuff'

Rob
0
Cloud Class® Course: Microsoft Azure 2017

Azure has a changed a lot since it was originally introduce by adding new services and features. Do you know everything you need to about Azure? This course will teach you about the Azure App Service, monitoring and application insights, DevOps, and Team Services.

 
eteranAuthor Commented:
Is there anyway I can program this. What can I do to accomplish this to work correctly
0
 
robjeevesCommented:
G'day

Have a read here

http://www.informit.com/guides/printerfriendly.asp?g=windowsserver&seqNum=61&rl=1

Instructions on folder redirection

Rob

0
 
eteranAuthor Commented:
okay this last post helped, but now can I set up a policy for user not to save anything on the C:\ drive of the computer they are using
0
 
robjeevesCommented:
Not sure to be honest mate.  Sounds dangerous to enforce no write access to the C Drive.  I don't think it would work.  Temp files would need to be created to run apps, profiles have to write to documents and settings folder.  I think you'd be better of letting the users run as non-admin/power users and redirect their home Folders/My Documents onto the server.  Combine that with user education about not saving locally onto the C Drive would be less headache.  Locking down the whole C:\ would cause more issues I think.

Any thoughts Jay?

Rob
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.