Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 92
  • Last Modified:

Is this explicit permission possible?

Hello all,

My company has 7 citrix servers. We have users that get corrupted profiles because of a sync issue.
To fix this we would need to log on to the servers and remove the profile or rename the profile to ***.old.

Problem is only the Sys Admin and Jr Sys Admin have access to the servers. Help desk are the ones that are getting the call. The server requires a login. The Sys Admin and Jr Sys Admin all have domain accounts that can log into any server. We don't want to give Help Desk that access. I know that I will need to setup a local account.

My company is on board with a LEAN process. I was wondering if it was possible to give HelpDesk users access to the server's C Drive.

Can I give access to them to the C Drive\Users Folder and not access to remote into the server? [Example have them type the path to the C Drive (\\cserver01\c$\users). I know it will prompt them for a login and I can make a HelpDesk login.]

Is it possible to allow them access to just the Users folder? [Only allow them to stay in the user folder and no where else]

Is it also possible to reject their login if they try to remote into the server?

I know it may not be possible but just thought I'd ask to see if anyone has come across something like this.


Thanks!
0
xouvang
Asked:
xouvang
1 Solution
 
Norm DickinsonGuruCommented:
You should be able to create a new share on that folder and explicitly allow access to a particular group, then assign the help desk to that group.
0
 
xouvangAuthor Commented:
Thanks! That's what I did and it's doing what I want it to do
0

Featured Post

Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now