Solved

Using group policy to restrict access of software for some users on terminal services?

Posted on 2011-09-25
2
299 Views
Last Modified: 2012-05-12
hi guys,

If I wanted some people to have microsoft office applications available to them when they log onto terminal services and others to not have access, then how would I implement this with group policies?

Many thanks
Yashy
0
Comment
Question by:Yashy
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 57

Accepted Solution

by:
Pete Long earned 250 total points
ID: 36595658
Setup some manditory profiles (make sure they are set as the "Terminal Services Profile" on the user object in AD users and computers.)

Then you can have a non office profile and an office profile :)

Not done with GPO's though =/
0
 
LVL 39

Assisted Solution

by:Krzysztof Pytko
Krzysztof Pytko earned 250 total points
ID: 36595662
You can create GPO with Software Restrictions and the use GPO Filtering to target only that group which shouldn't have to use software on your TS

ABout Software Restriction
http://support.microsoft.com/kb/324036

About GPO Filtering
http://technet.microsoft.com/en-us/library/cc779291%28WS.10%29.aspx
http://www.windowsnetworking.com/articles_tutorials/group-policy-security-filtering.html

but I would suggest to change NTFS settings on folders with that programs to only specified groups. Others won't be able to run software.

Regards,
Krzysztof
0

Featured Post

Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Always backup Domain, SYSVOL etc.using processes according to Microsoft Best Practices. This is meant as a disaster recovery process for small environments that did not implement backup processes and did not run a secondary domain controller that ne…
Uncontrolled local administrators groups within any organization pose a huge security risk. Because these groups are locally managed it becomes difficult to audit and maintain them.
This tutorial will give a short introduction and overview of Backup Exec 2012 and how to navigate and perform basic functions. Click on the Backup Exec button in the upper left corner. From here, are global settings for the application such as conne…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …

695 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question