?
Solved

Limiting Remote User Access under Windows 2008

Posted on 2011-03-08
4
Medium Priority
?
471 Views
Last Modified: 2012-05-11
I'm setting up a Windows 2008 Standard server with CAL's for Terminal Services.

We are creating user accounts for some remote workers to login and do various tasks.

We want to them to be able to run a browser & Microsoft Office but that's about it.

Our O/S is on C:

Our "Programs" are on D:

We want the user profiles on E:, such as e:\users\john   e:\users\jane

How would you go about configuring this?  We've already installed Active Directory - and it is the only server in the AD

My goal is:
- they can login
- they can run apps we designate in d:\programs
- they can access their own My Documents, etc.
- they can access a shared folder, such as e:\sharedfolder

Thank you
0
Comment
Question by:drgdrg
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
4 Comments
 
LVL 13

Expert Comment

by:connectex
ID: 35077253
You can lock this down using group policy. This article talks about Windows 7 but it should work for 2008: http://www.techrepublic.com/blog/window-on-windows/how-do-i-allow-windows-7-users-to-run-only-specific-applications/2795.
0
 
LVL 1

Author Comment

by:drgdrg
ID: 35082833
Thanks, but this is very limited and is easy to get around.  I know there are more secure ways to lock it down.  This grants them access to certain named programs, but all they have to do is rename a program to an allowed name ("firefox.exe" was the example they gave).

I'm looking for a stronger lock down -

- Keep them off "C" except for running the O/S (but they shouldn't be able to get to C)
- On "D" only allow them in the programs files (we will only install programs we want them to access)
- On "E" only access their user folder and one shared folder (this is easy, takes care of itself)

Any other suggestions?
0
 
LVL 1

Accepted Solution

by:
drgdrg earned 0 total points
ID: 35326052
No answer given.  I'm abandoning this question.
0
 
LVL 1

Author Closing Comment

by:drgdrg
ID: 35360859
Question was not answered.  I'm closing the question.
0

Featured Post

Want to be a Web Developer? Get Certified Today!

Enroll in the Certified Web Development Professional course package to learn HTML, Javascript, and PHP. Build a solid foundation to work toward your dream job!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Background Information Recently I have fixed file server permission issues for one of my client. The client has 1800 users and one Windows Server 2008 R2 domain joined file server with 12 TB of data, 250+ shared folders and the folder structure i…
Possible fixes for Windows 7 and Windows Server 2008 updating problem. Solutions mentioned are from Microsoft themselves. I started a case with them from our Microsoft Silver Partner option to open a case and get direct support from Microsoft. If s…
This tutorial will show how to push an installation of Backup Exec to an additional server in both 2012 and 2014 versions of the software. Click on the Backup Exec button in the upper left corner. From here, select Installation and Licensing, then I…
This tutorial will walk an individual through the steps necessary to configure their installation of BackupExec 2012 to use network shared disk space. Verify that the path to the shared storage is valid and that data can be written to that location:…
Suggested Courses

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question