Announcement

Collapse
No announcement yet.

User lockdown

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • User lockdown

    Hi.

    I have spent the last two days trying to figure out a soltion for the following problem.

    I have a windows 2008 r2 machine without AD, wich i want to run RemoteApp for a single program and i have got that part to work very good.

    The problems i still have is that i want the users to be "isolated" from eachother,
    and i donīt want them to se for example wich other users exist on the machine.
    I have used the LGPO to lockdown quite a lot functions in the windows exporer, but it feels like im doing it the wrong way around since every time ive locked one function, i find an other that i have to spend hours to lock. Isīnt there a way to easily and secure, restrict the user to its user folder (c:\users\name).

    I have solved most of the issues, but still the user can open a common dialog like "Open file" and press ctrl+n to open a explorer window from wich he can select "Share with" and from there browse all the users in the system.
    This might seems like a small issue, but it is very importent for me to solve.

    I have tried to use the Grouppolicy entry "Prevent users from sharing files within their profile", but i cant figure out how it works, and it dont solve the problem for me.

    I aso tried to disable "Use sharing wizard". This works, but i can only do this for the loged in user, and not for the entire machine which would be required.

    So what im asking for is.

    1. A "good" way to isolate the user, and if there isnīt any, a way to solve the sharingwizard problem.

    Thanks in advance.

    /Thure

  • #2
    Re: User lockdown

    How are your users configured, what access levels?
    MCSE 2003; MCTS Vista; Sec+; CCNA
    Attitude Makes The Difference!
    in other words you got to WANT to do it..

    Comment


    • #3
      Re: User lockdown

      The users are only members of the "Users" and the "Remote Desktop users" groups.

      Comment


      • #4
        Re: User lockdown

        http://support.microsoft.com/kb/278295

        Maybe this will help you.

        MCSE 2003; MCTS Vista; Sec+; CCNA
        Attitude Makes The Difference!
        in other words you got to WANT to do it..

        Comment


        • #5
          Re: User lockdown

          Hi again.

          No, i have seen this document and it applies to 2000 and 2003. It wont explain for me how to solve the issues that i described in my first post.

          Thanks anyway .

          Comment

          Working...
          X