We help IT Professionals succeed at work.

We've partnered with Certified Experts, Carl Webster and Richard Faulkner, to bring you a podcast all about Citrix Workspace, moving to the cloud, and analytics & intelligence. Episode 2 coming soon!Listen Now

x

2008 ad restriction help

Medium Priority
214 Views
Last Modified: 2012-05-06
I am looking for a method to lock down a user's ability to open files from folders other than their home folder.  The desktop is Server 2008 Terminal Server (Vista).  The applications (for now) are the Microsoft Office suite.  I can setup GPOs.  The office ADMs don't offer much in the way of security.  I am trying to block a user's abiltiy from clicking on File\Open and type in a UNC path to open from another fileserver\share.  Or even, select the C:\ drive.  I just want them to be able to open files from their H:\ (home) drive.
Comment
Watch Question

tigermattSite Reliability Engineer
CERTIFIED EXPERT
Most Valuable Expert 2011

Commented:

You need to make full use of NTFS Security on your data shares to achieve that. You need to ensure that on each user's home folder, only that user - and Administrative users if appropriate - are listed with access privileges.

-Matt
CERTIFIED EXPERT
Top Expert 2013
Commented:
We had a similar issue on our citrix environment.  We ended up just hiding the other drives.  When they log in they don't even see a C drive.
We did this using group policy
http://support.microsoft.com/kb/231289
 Using Group Policy Objects to hide specified drives
Never tried restricting all UNC mappings, I'll try and research that.
Thanks
Mike

Not the solution you were looking for? Getting a personalized solution is easy.

Ask the Experts
Access more of Experts Exchange with a free account
Thanks for using Experts Exchange.

Create a free account to continue.

Limited access with a free account allows you to:

  • View three pieces of content (articles, solutions, posts, and videos)
  • Ask the experts questions (counted toward content limit)
  • Customize your dashboard and profile

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.