Re: More Granular Security

From: TwistedPair (schnibitz@hotmail.com)
Date: 07/23/02 

From: "TwistedPair" <schnibitz@hotmail.com>
Date: Tue, 23 Jul 2002 14:16:10 -0700

Hi Ken,
Here are a few things you can do. The following link describes how to add
permissions for normal or guest users to log in through terminal server
(both administrative, and application modes).

http://support.microsoft.com/support/kb/articles/Q224/3/95.ASP

Also note that for this to work you will also need to grant permissions in
the local security policy for "Bypass Traverse checking," "Logon Locally,"
and "Access this computer from the network." Without those, it may not
work. My suggestion would be to add these permissions to a group, and add
users as necessary to that group to relieve any administrative burdons
placed on you by users asking to be popped into and out of these roles.

Good Luck!
Schnibitz

"Ken Illingsworth" <illingsk@cityofrochester.gov> wrote in message
news:0aa901c23277$f21d03c0$35ef2ecf@TKMSFTNGXA11...
> We have two developers using Terminal Services Clients to
> administer a Win2k member server in a workgroup. Since
> they are using Terminal Services in Administrative mode,
> they both are members of the local Administrators group.
> One of the developers indicated that they were interested
> in more granular security to help prevent access to each
> others directories.
>
> My question is: Is there any way to introduce more
> granularity in the servers security without disrupting
> their ability to remote control into a server session?
>
> Any and all suggestions are welcome.
>
> Thanks in advance for your time.

Relevant Pages

  • Re: Access Control Best Practices for shared hosting seem at odds with Web Site Starters
    ... the server can write a file somewher. ... Security depends on the application itself. ... The MS Shared Hosting Deployment Guide lists among best practices: ... Ensure strong permissions are used on Web content ...
    (microsoft.public.inetserver.iis.security)
  • Re: [Full-Disclosure] XP vs 2K
    ... some services (server, messenger, etc) for security, ... Some things to administer the system are almost buried ... Charter: http://lists.netsys.com/full-disclosure-charter.html ...
    (Full-Disclosure)
  • Re: File Sharing Nightmares
    ... Vista's SP1 has some stuff disabling secedit in favor of gpedit.msc. ... that the server was the issue. ... "The Group Policy security settings that apply to this machine could not be ... >> Permissions trouble for the registry entries. ...
    (microsoft.public.windowsxp.help_and_support)
  • Re: Moved & Deleted Files
    ... > share has correct share/ntfs permissions and that the permissions are not ... > share will not go to the recycle bin on the server. ... > For Windows 2000 you can enable auditing of object access in the Local ... > Security Policy or Domain Controller Security Policy for domain controllers ...
    (microsoft.public.security)
  • Re: 80004005 Unspecified Error
    ... every update that comes down the pike restricts access and hardens security. ... Just because your Jet database has none of Jet's security ... it has associated launch and activation permissions. ... It worked just fine (I had to restart my win2000 server) TILL I ...
    (microsoft.public.inetserver.asp.db)
Quantcast