?
Solved

Restricting User from playing games & watchine Movies (2003 server - GPO)

Posted on 2008-10-14
3
Medium Priority
?
324 Views
Last Modified: 2008-10-18
Hi,

We have a domain 2003 with 400 user connected, we have problem with users who are installing games / playing games and watching moves (bringing in CD/DVD/USB drive), our management wants that users should not be able to watch movies and play any games on there machines (from CD/DVD/USB).



We need a help in this regards, how is it possible to restrict them,

Thanks.
0
Comment
Question by:tanveer_hussain
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 23

Accepted Solution

by:
ormerodrutter earned 1200 total points
ID: 22710242
I honestly don't think you can achieve your goals here.

Using GPO can lock down the machine, for example disable CD/DVD drive or even USB posts but do you really want to do that?!  I am sure you users would need CD/DVD drive and/or USB to perform their works. You can also limit user ability to install programs by given them (local) User rights on the computer - in this case your users will not be able to install anything on the computer. Your goals can be achieved using GPO but can be painful if you do so because they will be calling upon you to help installing every piece of useful software, etc.

My recommendation is to install a Monitoring software in your network to monitor all activities and internet usage. We use Track4Win (http://www.track4win.com) in our company tracking user activities on computers. Its fairly cheap and quite easy to use and once your users know there is such thing install on their computers they will behave!! Perhaps a new company policy to follow this that any misuse of company resource will lead to termination of contract?

So in other words, user education and "threathening" are a better tools than technology :)



0
 
LVL 26

Assisted Solution

by:Farhan Kazi
Farhan Kazi earned 800 total points
ID: 22710479
I am agreed with Ormerodrutter. If your clients are system local Administrators then its almost impossible to control. You MUST limit users ability to install any program.

Have a look at following links:
"Using Software Restriction Policies to Protect Against Unauthorized Software"
http://technet.microsoft.com/en-us/library/bb457006.aspx

"How To Use Software Restriction Policies in Windows Server 2003"
http://support.microsoft.com/kb/324036

"Using Software Restriction Policies To Keep Games Off Of Your Network"
http://www.windowsnetworking.com/articles_tutorials/Software-Restriction-Policies.html

Hope this helps!
Farhan
0
 

Author Comment

by:tanveer_hussain
ID: 22751076
Thank you friends (ormerodrutter: & farhankazi:) for your help, i think you ppl, are correct that it is very difficult to restrict the users from doing unwanted things on there machines, but the solution give will be helpful to me to block them to some extend.

regards,

Tanveer.
0

Featured Post

Visualize your virtual and backup environments

Create well-organized and polished visualizations of your virtual and backup environments when planning VMware vSphere, Microsoft Hyper-V or Veeam deployments. It helps you to gain better visibility and valuable business insights.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I guess it is not common knowledge to most Wintel engineers/administrators: If you have an SNMP-based monitoring system in your environment (and it's common to have SNMP or Syslog) it's reasonably easy to enable monitoring of the Windows Event logs,…
Scenerio: You have a server running Server 2003 and have applied a retail pack of Terminal Server Licenses.  You want to change servers or your server has crashed and you need to reapply the Terminal Server Licenses. When you enter the 16-digit lic…
NetCrunch network monitor is a highly extensive platform for network monitoring and alert generation. In this video you'll see a live demo of NetCrunch with most notable features explained in a walk-through manner. You'll also get to know the philos…
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…
Suggested Courses

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question