• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 188
  • Last Modified:

2008 ad restriction help

I am looking for a method to lock down a user's ability to open files from folders other than their home folder.  The desktop is Server 2008 Terminal Server (Vista).  The applications (for now) are the Microsoft Office suite.  I can setup GPOs.  The office ADMs don't offer much in the way of security.  I am trying to block a user's abiltiy from clicking on File\Open and type in a UNC path to open from another fileserver\share.  Or even, select the C:\ drive.  I just want them to be able to open files from their H:\ (home) drive.
1 Solution

You need to make full use of NTFS Security on your data shares to achieve that. You need to ensure that on each user's home folder, only that user - and Administrative users if appropriate - are listed with access privileges.

Mike KlineCommented:
We had a similar issue on our citrix environment.  We ended up just hiding the other drives.  When they log in they don't even see a C drive.
We did this using group policy
 Using Group Policy Objects to hide specified drives
Never tried restricting all UNC mappings, I'll try and research that.

Featured Post

How to Use the Help Bell

Need to boost the visibility of your question for solutions? Use the Experts Exchange Help Bell to confirm priority levels and contact subject-matter experts for question attention.  Check out this how-to article for more information.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now