[2 days left] What’s wrong with your cloud strategy? Learn why multicloud solutions matter with Nimble Storage.Register Now

x
?
Solved

Limiting Remote User Access under Windows 2008

Posted on 2011-03-08
4
Medium Priority
?
472 Views
Last Modified: 2012-05-11
I'm setting up a Windows 2008 Standard server with CAL's for Terminal Services.

We are creating user accounts for some remote workers to login and do various tasks.

We want to them to be able to run a browser & Microsoft Office but that's about it.

Our O/S is on C:

Our "Programs" are on D:

We want the user profiles on E:, such as e:\users\john   e:\users\jane

How would you go about configuring this?  We've already installed Active Directory - and it is the only server in the AD

My goal is:
- they can login
- they can run apps we designate in d:\programs
- they can access their own My Documents, etc.
- they can access a shared folder, such as e:\sharedfolder

Thank you
0
Comment
Question by:drgdrg
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
4 Comments
 
LVL 13

Expert Comment

by:connectex
ID: 35077253
You can lock this down using group policy. This article talks about Windows 7 but it should work for 2008: http://www.techrepublic.com/blog/window-on-windows/how-do-i-allow-windows-7-users-to-run-only-specific-applications/2795.
0
 
LVL 1

Author Comment

by:drgdrg
ID: 35082833
Thanks, but this is very limited and is easy to get around.  I know there are more secure ways to lock it down.  This grants them access to certain named programs, but all they have to do is rename a program to an allowed name ("firefox.exe" was the example they gave).

I'm looking for a stronger lock down -

- Keep them off "C" except for running the O/S (but they shouldn't be able to get to C)
- On "D" only allow them in the programs files (we will only install programs we want them to access)
- On "E" only access their user folder and one shared folder (this is easy, takes care of itself)

Any other suggestions?
0
 
LVL 1

Accepted Solution

by:
drgdrg earned 0 total points
ID: 35326052
No answer given.  I'm abandoning this question.
0
 
LVL 1

Author Closing Comment

by:drgdrg
ID: 35360859
Question was not answered.  I'm closing the question.
0

Featured Post

Important Lessons on Recovering from Petya

In their most recent webinar, Skyport Systems explores ways to isolate and protect critical databases to keep the core of your company safe from harm.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Let’s list some of the technologies that enable smooth teleworking. 
OfficeMate Freezes on login or does not load after login credentials are input.
This tutorial will walk an individual through the steps necessary to install and configure the Windows Server Backup Utility. Directly connect an external storage device such as a USB drive, or CD\DVD burner: If the device is a USB drive, ensure i…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…

656 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question