?
Solved

Unable to Delete Desktop Icons or Change Timezone after switching users from admin to user

Posted on 2007-11-30
8
Medium Priority
?
755 Views
Last Modified: 2008-02-01
Users are Unable to Delete Desktop Icons or Change Timezone after switching users from admin to user.  This was a recent group policy update.  Is there are GPO rule that can allow this?
0
Comment
Question by:securitythreat
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
  • 2
  • +2
8 Comments
 
LVL 10

Accepted Solution

by:
dis1931 earned 750 total points
ID: 20384764
Hello securitythreat,

I believe the Time Zone or time in general is no allowed to users...I am not aware of a group policy item to enable for all users.  As for desktop icons it is usually related to permissions on the icons themselves....Usually admins and power users have rights to delete or edit them while users can read and execute hence no deletion....This is a permission issue and you will need to change file system permssions on these icons or in the all users folder where they are probably stored....not sure what icons...If they create an icon then they should be able to delete on their desktop.

Regards,

dis1931
0
 
LVL 38

Expert Comment

by:Hypercat (Deb)
ID: 20384851
Certainly if the icons are on the All Users desktop rather than the user's own desktop in his/her profile, they will not be able to delete or edit those icons.  Normally the Users group has read-only permissions to the All Users profile.
0
 
LVL 1

Author Comment

by:securitythreat
ID: 20385085
I noticed that when I turn on the drag and drop option in Active Desktop that it is allowing users to remove and add.  One thing i'm concerned about it the time.  Our users travel alot.  Does the time stay the same or does it update if it calls out to a closer dc?  Also, how do you specify indivual programs approval to run without making the user a pu.
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 38

Expert Comment

by:Hypercat (Deb)
ID: 20385136
Here's a Microsoft KB article describing how you can use a regedit to allow users to change the time and/or time zone on their computers:

http://support.microsoft.com/kb/300022/en-us

Users should be able to run most programs without being a power user.  Are their specific programs that you are running that you're having a problem with?
0
 
LVL 3

Expert Comment

by:top_gizmo
ID: 20386617
You can allow users to change the system time by allowing it in group policy.

It is a setting under user rights and assignments.

Computer Configuration\Windows settings\Security settings\Local policies\user rights and assignments\change the system time.

Add the user group to it.
------------------------------------------------------
The best solution to get around the not being able to delete icons problem is to modify the default users desktop so any new profiles will have the icons on their desktop and be able to delete them without affecting other users.

As for the existing users and the icons, the only work around I can think of other than modifying permission on the all users desktop is to create a script to remove the icons from the all users desktop and copy them to the users desktop.  They can delete them from there if they wish.
0
 
LVL 51

Expert Comment

by:Netman66
ID: 20386736
You DON'T want users to change time.

Since the domain-joined PC account lives in it's own OU based on a Site then it should stay the same no matter where the user travels.

This is what the timezone does.  If the laptop user connects to a remote site in some other country then the timezone will make sure the local timestamps are correct based on the offset from GMT.  Other than the clock being out you should just let the user live with that.

0
 
LVL 1

Author Comment

by:securitythreat
ID: 20389588

My question is, if the users are in a subnet other than their site subnet, does the local machine recognize this and update the time?  If not, then the time is an issue.  It will mean that we will have to update the users OU everytime they travel and stay for a month or two.

Where do you set the time for each site?
0
 
LVL 51

Expert Comment

by:Netman66
ID: 20393142
On the local DC.

There are GPO settings for time services that can be linked to Sites so that when roaming users logon in those sites, then the time settings should be picked up by the laptop and point the client to the local server for time services.  This should remedy roaming problems.

0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Organizations create, modify, and maintain huge amounts of data to help their businesses earn money and generally function.  Typically every network user within an organization has a bit of disk space to store in process items and personal files.   …
Scenerio: You have a server running Server 2003 and have applied a retail pack of Terminal Server Licenses.  You want to change servers or your server has crashed and you need to reapply the Terminal Server Licenses. When you enter the 16-digit lic…
In this brief tutorial Pawel from AdRem Software explains how you can quickly find out which services are running on your network, or what are the IP addresses of servers responsible for each service. Software used is freeware NetCrunch Tools (https…
This tutorial will teach you the special effect of super speed similar to the fictional character Wally West aka "The Flash" After Shake : http://www.videocopilot.net/presets/after_shake/ All lightning effects with instructions : http://www.mediaf…
Suggested Courses

741 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question