[Webinar] Streamline your web hosting managementRegister Today

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 289
  • Last Modified:

Microsoft, Server, 2003, create and apply user desktop restrictions by group

We have a windows 2003 server running terminal services. Remote users arerunning a bespoke acess 2000 application. We need to lock down these  users so they are  unable to access anything except specific desktop apps (another database)
The server is stand alone and  is not  using a domain. I have tried looking at the group policy editor but  it seems to only work on  a domain. I wanted to create a specific lckdown policy for a group of restricted remote users
0
wells2008
Asked:
wells2008
  • 4
  • 4
1 Solution
 
Jeffrey Kane - TechSoEasyPrincipal ConsultantCommented:
So, are you saying that there are TWO databases you want them to be able to use?  Is the other one MS Access as well?

Jeff
TechSoEasy
0
 
wells2008Author Commented:
both  the ddatabases will be msaccess bespoke aapplications
0
 
Jeffrey Kane - TechSoEasyPrincipal ConsultantCommented:
Okay, even though Access isn't my area of expertise, I'm fairly sure you can configure a front-end menu for it to allow the user to select which database they want to enter, with an exit setting to log off.

Then, all you have to do is specify that as the program to run when they log into Terminal Services in their user properties.

Check in the Access Zone for info on how to create this menu if you don't have an Access developer available to you.

Jeff
TechSoEasy
ts.jpg
0
The 14th Annual Expert Award Winners

The results are in! Meet the top members of our 2017 Expert Awards. Congratulations to all who qualified!

 
wells2008Author Commented:
Thanks for the comment. Im actually struggling to prevent the remote users changing anything on the sesktop  or modyfying conrtol panel etc. I really  need to lock down the desktop. the usual  way seems to use the group policy editor but this soes not seen to work if you are  not connected to a domain ontroller. the server  is a stand alone server to provide remote access to  the datbases..
 the problem is  to create a secure desktop that lallows the  user to  do little other then run these app.s


 i need to secure the desktop
add the secure settings to  a  user group
add all the remote  users to  that user group

 i can not auto  run acces as you suggest   because the  users may  neet  to access  a second database with the same credntial.
 the database is not the  ussue.. lockung the desktop  down is.
 thanks in advance
0
 
Jeffrey Kane - TechSoEasyPrincipal ConsultantCommented:
You apparently didn't understand what I was saying then...

If you use the "start the following program" then there is no desktop or control panel, etc.  Only the program opens and when they exit the program they are logged off.

You can then create a "switchboard" within Access to allow them a choice of which database to open.

So locking down the desktop is not an issue, since it won't be accessible.

Jeff
TechSoEasy
0
 
wells2008Author Commented:
Thanks again, I undserstand what you are saying.  I have  been asked to lock  down the desktop anyway. THere  may be  other applications  in the future that are not access based and  i know that the  people providing the terminal server platform would  be  happlier to  see a complete  lockdown of the desktop- The access database developer has asked  me to lock the desktop down anyway.
Thanks
Chris
0
 
Jeffrey Kane - TechSoEasyPrincipal ConsultantCommented:
Then look at this newsgroup post which has very detailed steps:
http://groups.google.com/group/microsoft.public.windows.terminal_services/msg/df312d1700f993db

Jeff
TechSoEasy
0
 
wells2008Author Commented:
Thank you very much..
0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 4
  • 4
Tackle projects and never again get stuck behind a technical roadblock.
Join Now