Re: Limit user access to server

• Previous message: dw85745: "Re: Stop Remote Manipulation When Server Needs Access"
• In reply to: Bryan E Fairchild: "Re: Limit user access to server"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Sat, 13 Aug 2005 21:57:34 -0500

If you mean via Terminal Services then for Windows 2003 you need to add then
to the Remote Desktop users group and make sure that group has the user
right for allow logon through Terminal Services. --- Steve

"Bryan E Fairchild" <Bryan@NeotericIT.com> wrote in message
news:38AD84E7-2600-4A01-90EF-9669EBDDBF24@microsoft.com...
> Thanks for the response. I'll see what type of access rights they have
> after
> adding them to the users group. I also want the users to be able to login
> remotely, so I'm assuming I just need to add them into the login remotely
> group as well.
> --
> Regards,
> Bryan Fairchild
> -----------------
> NeotericIT.com
> Of recent origin; modern. The development, installation, and
> implementation
> of computer systems and applications.
>
>
> "Steven L Umbach" wrote:
>
>> The local administrators group should only be used for those that need
>> administrator access to the server. The users group is that group that
>> new
>> users are added to by default and it has fairly restricted access while
>> allowing a user to be functional though a user by default has full
>> control
>> of their user profile under documents and settings. If you have special
>> needs then create your own local group and configure ntfs permissions
>> exactly as you want for that group, add users to the group, and remove
>> users
>> group permissions from the folders that you want to control access to OR
>> change the ntfs permissions of the users group and user account [where
>> used]
>> to be what you need. The system folders already have restricted access
>> and
>> normally should not be changed without thorough testing first. When
>> checking/changing ntfs permissions always be sure to check the advanced
>> permissions page as a group may have different permissions for the child
>> folders than the parent folder such as for the drive/root folder.
>>
>> Group Policy can also be configured to restrict what a user can do on a
>> computer though for a non domain computer by default ALL users on the
>> computer will have local Group Policy [gpedit.msc] settings applied to
>> them.
>> Local Security Policy [secpol.msc] can be used to modify user rights such
>> as
>> shutdown the computer. For XP Pro and Windows 2003 Software Restriction
>> Policies can also be used to restrict what applications a user can
>> install
>> and run. --- Steve
>>
>> http://www.microsoft.com/technet/prodtechnol/winxppro/maintain/rstrplcy.mspx
>> --- Software Restriction Policies
>>
>> "Bryan E Fairchild" <Bryan@NeotericIT.com> wrote in message
>> news:8EE0DC3B-7B43-40BB-A367-C0D1B53A0010@microsoft.com...
>> >I can not believe this is so difficult to setup. Isn't there a way to
>> >give
>> >a
>> > group of users limited access to a server? In other words, I want to
>> > give
>> > a
>> > groups of users the ability to login to a server and see everything,
>> > but
>> > not
>> > the right to change anything. Simply read access. I'm amzed that there
>> > isn't
>> > already a group that just gives users read access to a server. There
>> > are
>> > so
>> > many useless groups on a Windows server. 90% of the time the Local
>> > Administrators group is the only one used because all the other groups
>> > are
>> > useless.
>> > --
>> > Regards,
>> > Bryan Fairchild
>> > -----------------
>> > NeotericIT.com
>> > Of recent origin; modern. The development, installation, and
>> > implementation
>> > of computer systems and applications.
>>
>>
>>

• Previous message: dw85745: "Re: Stop Remote Manipulation When Server Needs Access"
• In reply to: Bryan E Fairchild: "Re: Limit user access to server"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]