troubleshooting Question

How to restrict local drive browsing access for terminal service users on a Windows 2008 terminal server

Avatar of SHAX
SHAX asked on
Microsoft Server OSWindows Server 2008
1 Comment1 Solution4176 ViewsLast Modified:
Im trying to prevent terminal server remote users from browsing the terminal server to which they connect.  I only want them to have access to their user directors.  The users are primarily using outlook 2007 remote applications

Here is what Ive done so fare.

Ive created a group policy that hides the local drives of the terminal server.  I cannot deny access to the local drives because then the users will not have access to their local directories.

This hides the drives but when the user opens their Save, Save-As or Open dialogue box, on the left hand side of the dialogue box is a navigation bar that allows the user to see the local drives and browse them.

To fix this I did the following:

I added the administrative template for office 2007 to group policy.  In the File Open|save dialog box policy, I enabled the Activate Restricted Browsing and added in Approve Location the path to their user directory.

The Restricted Browsing policy is working great.  Whenever I open a word document or try to save a word doc or e-mail, the save or open dialogue box opens up and say (Restricted Mode). If the user tries to browse anywhere other that their user file, they receive a message that says This location has been blocked by your system administrator

The problem I have is when a user tries to insert a file, through outlook, they can browse the terminal server through the insert file dialogue box.  Apparently the Restricted Browsing policy doesnt affect the Insert Dialogue box in outlook.

I need a way to restrict the users browsing when they are in the Insert file dialogue box in outlook.

Any help would be most welcome.

Join the community to see this answer!
Join our exclusive community to see this answer & millions of others.
Unlock 1 Answer and 1 Comment.
Join the Community
Learn from the best

Network and collaborate with thousands of CTOs, CISOs, and IT Pros rooting for you and your success.

Andrew Hancock - VMware vExpert
See if this solution works for you by signing up for a 7 day free trial.
Unlock 1 Answer and 1 Comment.
Try for 7 days

”The time we save is the biggest benefit of E-E to our team. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange.

-Mike Kapnisakis, Warner Bros