Solved

How to limit certain user to have MS Project 2007 available on Terminal Server 2003 ?

Posted on 2012-04-10
4
383 Views
Last Modified: 2012-04-25
Hi All,

How can I limit only certain users (eg. the manager only) to have access to MS Project 2007 in my Terminal Server 2003 environment ?

Because the terminal server is use by many people and we don't want to buy unused MS project 2007 for those people not using it.

is it through Group Policy or something like that ???

Thanks in advance.
0
Comment
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
4 Comments
 
LVL 17

Assisted Solution

by:Anuroopsundd
Anuroopsundd earned 50 total points
ID: 37830941
Most simple way will be to resrict the permission on project 2007 install folder to specific users... so no other users will be able to execute anything..
0
 
LVL 8

Author Comment

by:Senior IT System Engineer
ID: 37830949
ok, so how do I package or put the installation file ?

do I install the application first on the terminal server or configure it in the GPO ?
0
 
LVL 3

Assisted Solution

by:chris-burns
chris-burns earned 50 total points
ID: 37831538
Quite easy actually.

CMD -> change user /install
install project 2007
once complete
CMD -> change user /execute

then change permissions on the executable as per above.
0
 
LVL 7

Accepted Solution

by:
ComputerBeast earned 400 total points
ID: 37832196
You can configure poledit to restrict the users but there may other options.

1. Dont configure the users as members of "Power Users" or/and "Administrator" in the local machine/domain.

2. Use "gpedit.msc" to configure local policy. To eliminate the policy to
affect local "Administrators" group, configure NTFS permission to deny
access to "C:\WINDOWS\system32\GroupPolicy".

3. Add the Win 2003 TS to Win 2003 domain - and use the nice GPO
to restrict users.

4. Disable files download from the Internet Explorer + restrict access
to local drive + disable local client disk mount/mapping to the
Terminal Server.


5. If the users use only one program - configure it to auto lunch when the user
Logon.

Note: please refer to the link below for further assistance on this:
http://support.microsoft.com/default.aspx?scid=kb;en-us;231287

Thank you.
0

Featured Post

Enterprise Mobility and BYOD For Dummies

Like “For Dummies” books, you can read this in whatever order you choose and learn about mobility and BYOD; and how to put a competitive mobile infrastructure in place. Developed for SMBs and large enterprises alike, you will find helpful use cases, planning, and implementation.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Had a business requirement to store the mobile number in an environmental variable. This is just a quick article on how this was done.
This process allows computer passwords to be managed and secured without using LAPS. This is an improvement on an existing process, enhanced to store password encrypted, instead of clear-text files within SQL
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
This video shows how to use Hyena, from SystemTools Software, to update 100 user accounts from an external text file. View in 1080p for best video quality.

622 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question