Announcement

Collapse
No announcement yet.

Force a domain user to use a specific login script

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Force a domain user to use a specific login script

    Hello,

    I would like to create a new domain user with limited access to a specific network folder.
    i would like him to sign in as a domain user, but he should have read only access to only one shared folder. The problem is that I am using a login script that maps all the network shared folders to all domain users.

    How and where do I make the changes, so it will not "take" the general login script? And which permissions should I give in order to hide the rest of the shared folders from him?

    Thanks

  • #2
    Several options
    Assuming the script is applied via a domain level GPO:
    1) Put user in another OU, block GPO inheritance and set up an OU level GPO with a different script
    2) Security filtering on the GPO to deny read to the user (note security filtering of GPOs generally reduces performance)
    3) User in another GPO, with inheritance, but a separate script which undoes the first one

    Also note you may be able to do what you want with folder permissions only
    Tom Jones
    MCT, MCSE (2000:Security & 2003), MCSA:Security & Messaging, MCDBA, MCDST, MCITP(EA, EMA, SA, EDA, ES, CS), MCTS, MCP, Sec+
    PhD, MSc, FIAP, MIITT
    IT Trainer / Consultant
    Ossian Ltd
    Scotland

    ** Remember to give credit where credit is due and leave reputation points where appropriate **

    Comment

    Working...
    X