?
Solved

Restrict who can use MS Office 2007 Applications on Windows Server 2008 R2

Posted on 2011-02-11
4
Medium Priority
?
793 Views
Last Modified: 2012-08-14
I'm looking for a way to restrict who can access Microsoft Office by user.  This server is running Windows Server 2008 R2 and is not in a domain (no Active Directory).  This is a terminal server, so all users will be connected to this server.

I want the following restrictions per user (or group)

Can run all Office 2007 Applications
Can run only Excel
Can run no office 2007 Applications

Any assistance is greatly appreciated.
0
Comment
Question by:brianfsu1
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
4 Comments
 
LVL 8

Accepted Solution

by:
Toxacon earned 2000 total points
ID: 34874642
Add one group for Excel and one group for all Office apps. Use NTFS permissions to allow execute of the Office executables based on group membership.

For example:

Grp_Allow_Excel
Grp_Allow_Office

Remove Users from Excel.exe access list and add Grp_Allow_Excel and Grp_Allow_Office with Read/Execute

Remove Users from Outlook.exe, Winword.exe etc access list and add Grp_Allow_Office with Read/Execute.

If a user-level user is not a member, he/she can't launch any Office program.
0
 

Author Comment

by:brianfsu1
ID: 34874840
Thanks for the response.  That's an interesting angle at accomplishing this that I hadn't thought of.  

The only downside (and I should've mentioned this in the original question) is that it would be nice if they didn't even see shortcuts to those applications as well.  
0
 
LVL 8

Expert Comment

by:Toxacon
ID: 34875068
Maybe you can develop a script that detects the membership (IFMEMBER.EXE) and based on that copies or removes the shortcuts from the user desktop or start menu. Naturally, as the original shortcuts are in All Users profile, you have to remove them.
0
 

Author Closing Comment

by:brianfsu1
ID: 34890177
Worked great.  Thanks.
0

Featured Post

[Webinar] Lessons on Recovering from Petya

Skyport is working hard to help customers recover from recent attacks, like the Petya worm. This work has brought to light some important lessons. New malware attacks like this can take down your entire environment. Learn from others mistakes on how to prevent Petya like worms.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

After seeing many questions for JRNL_WRAP_ERROR for replication failure, I thought it would be useful to write this article.
New style of hardware planning for Microsoft Exchange server.
The viewer will learn how to simulate a series of sales calls dependent on a single skill level and learn how to simulate a series of sales calls dependent on two skill levels. Simulating Independent Sales Calls: Enter .75 into cell C2 – “skill leve…
The viewer will learn how to create two correlated normally distributed random variables in Excel, use a normal distribution to simulate the return on different levels of investment in each of the two funds over a period of ten years, and, create a …
Suggested Courses

765 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question