RE: GPO for one machine

From: Jon Strange (Jon.Strange_at_metro1.com)
Date: 09/10/03

  • Next message: gord.taylor_at_rbc.com: "RE: Disabling sharing and group policies"
    Date: Wed, 10 Sep 2003 10:48:57 -0700
    To: "Jeremy Rodriguez" <jeremyrodriguez@cmsmechanical.com>, "Focus-Ms" <focus-ms@securityfocus.com>
    
    

    Jeremy,

    One way to accomplish this is to create custom menu folders on a network
    share that you designate. Create a stripped down menu for the general
    users, and a full menu for the admins(each in their own respective
    folders). Then, in the policy, you map each security group to a specific
    menu(aka, the folder that you created previously). Obviously, you will
    also need to restrict access to various utilities like cmd.exe, etc...
    for the general users.

    Regards,

    Jon Strange
    Systems Administrator

    Metro One Telecommunications
       Direct: (503) 524-1688
       Mobile: (503) 803-7993
       Facsimile: (503) 579-4720
       Email: jon.strange@metro1.com
       Web: www.metro1.com
    -----Original Message-----
    From: Jeremy Rodriguez [mailto:jeremyrodriguez@cmsmechanical.com]
    Sent: Tuesday, September 09, 2003 11:35 AM
    To: Focus-Ms

    I have one machine setup with Terminal Server. I have setup a limited
    desktop using a policy (GPO). I want to be able to have domain admins
    login
    and get all menus/programs, while the rest of the users get the limited
    desktop. As I have it now whenever anyone logs in to the box they all
    get
    the limited desktop no matter if they are a domain admin. How do I fix
    this?
    I have set it up so it only applies to this machine (loopback) and the
    domain admins security box is set not to apply group policy.

    ------------------------------------------------------------------------

    ---
    KaVaDo provides the first and only integrated Web application scanner
    and 
    firewall security suite that prevent Web applications attacks, the most 
    common form of online exploitation. Download a FREE whitepaper on
    Security Policy Automation for Web Applications. 
    http://www.securityfocus.com/sponsor/KaVaDo_focus-ms_030818 
    ------------------------------------------------------------------------
    ---
    ---------------------------------------------------------------------------
    KaVaDo provides the first and only integrated Web application scanner and 
    firewall security suite that prevent Web applications attacks, the most 
    common form of online exploitation. Download a FREE whitepaper on Security Policy Automation for Web Applications. 
    http://www.securityfocus.com/sponsor/KaVaDo_focus-ms_030818 
    ---------------------------------------------------------------------------
    

  • Next message: gord.taylor_at_rbc.com: "RE: Disabling sharing and group policies"

    Relevant Pages

    • RE: Security for Win XP Home
      ... Security for Win XP Home ... very un-savvy users. ... Security Policy Automation for Web Applications. ... Download a FREE whitepaper on Security Policy Automation for Web Applications. ...
      (Focus-Microsoft)
    • Re: Security tab on files or folders and automatic login at Windows startup
      ... To display the Security tab... ... [[Specifies that simplified sharing is enabled. ... share folders with everyone on your workgroup or network and make folders in ... Remove the Security tab ...
      (microsoft.public.windowsxp.general)
    • Re: testing laptop based on bsd anyone
      ... "A new linux distribution for Wardrivers" ... I wasn't speaking about the relative strengths of security measures within ... As attacks through web applications continue to rise, ... vulnerability management needs. ...
      (Pen-Test)
    • Re: testing laptop based on bsd anyone
      ... Hopefully it will point at some nice BSD ... I wasn't speaking about the relative strengths of security measures within ... As attacks through web applications continue to rise, ... vulnerability management needs. ...
      (Pen-Test)
    • RE: focus-ms@securityfocus.com
      ... If I may....Quoting MS Security Resource Kit... ... Cached Credentials ... "By default, Windows NT, Windows 2000, and Windows XP cache the ... >Security Policy Automation for Web Applications. ...
      (Focus-Microsoft)