Solved

Limiting Remote User Access under Windows 2008

Posted on 2011-03-08
4
468 Views
Last Modified: 2012-05-11
I'm setting up a Windows 2008 Standard server with CAL's for Terminal Services.

We are creating user accounts for some remote workers to login and do various tasks.

We want to them to be able to run a browser & Microsoft Office but that's about it.

Our O/S is on C:

Our "Programs" are on D:

We want the user profiles on E:, such as e:\users\john   e:\users\jane

How would you go about configuring this?  We've already installed Active Directory - and it is the only server in the AD

My goal is:
- they can login
- they can run apps we designate in d:\programs
- they can access their own My Documents, etc.
- they can access a shared folder, such as e:\sharedfolder

Thank you
0
Comment
Question by:drgdrg
  • 3
4 Comments
 
LVL 13

Expert Comment

by:connectex
ID: 35077253
You can lock this down using group policy. This article talks about Windows 7 but it should work for 2008: http://www.techrepublic.com/blog/window-on-windows/how-do-i-allow-windows-7-users-to-run-only-specific-applications/2795.
0
 
LVL 1

Author Comment

by:drgdrg
ID: 35082833
Thanks, but this is very limited and is easy to get around.  I know there are more secure ways to lock it down.  This grants them access to certain named programs, but all they have to do is rename a program to an allowed name ("firefox.exe" was the example they gave).

I'm looking for a stronger lock down -

- Keep them off "C" except for running the O/S (but they shouldn't be able to get to C)
- On "D" only allow them in the programs files (we will only install programs we want them to access)
- On "E" only access their user folder and one shared folder (this is easy, takes care of itself)

Any other suggestions?
0
 
LVL 1

Accepted Solution

by:
drgdrg earned 0 total points
ID: 35326052
No answer given.  I'm abandoning this question.
0
 
LVL 1

Author Closing Comment

by:drgdrg
ID: 35360859
Question was not answered.  I'm closing the question.
0

Featured Post

Edgartown IT Case Study

Learn about Edgartown's quest to ensure the safety and security of the entire town's employee and citizen data. Read the case study!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Like many organizations, your foray into cloud computing may have started with an ancillary or security service, like email spam and virus protection. For some, the first or second step into the cloud was moving email off-premise. For others, a clou…
This article explains how to install and use the NTBackup utility that comes with Windows Server.
This tutorial will show how to configure a single USB drive with a separate folder for each day of the week. This will allow each of the backups to be kept separate preventing the previous day’s backup from being overwritten. The USB drive must be s…
This tutorial will walk an individual through setting the global and backup job media overwrite and protection periods in Backup Exec 2012. Log onto the Backup Exec Central Administration Server. Examine the services. If all or most of them are stop…

730 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question