Re: How to disable the use of adminpak.msi?
From: David Cross [MS] (dcross_at_online.microsoft.com)
Date: 07/09/04
- Next message: mag: "removing the block on attachments"
- Previous message: anonymous_at_discussions.microsoft.com: "Re: Time to update Windows 2000? - 37 updates"
- In reply to: Ivan Tsui: "How to disable the use of adminpak.msi?"
- Next in thread: Steven Umbach: "Re: How to disable the use of adminpak.msi?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Fri, 9 Jul 2004 05:19:49 -0700
You can always set ACLs on objects that you don't want the user to see in
AD. But be careful as users likely do need to see some level of information
in AD, otherwise applications and services won't work.
-- David B. Cross [MS] -- This posting is provided "AS IS" with no warranties, and confers no rights. http://support.microsoft.com "Ivan Tsui" <IvanTsui@discussions.microsoft.com> wrote in message news:A39E5C52-DFC9-41CA-8391-40885F5DE77D@microsoft.com... > > Once a user computer install "adminpak.msi" and joined a domain, And then he logon as domain user and run the "Active Directory Users and Groups" and other AD utilities, he could be able to view the AD contents such as all Servers, all Account Information, all Group Policies, ...? > > Other than restrict the users to install the adminpak.msi and use the AD utilties in his computer, how I could set in AD to restrict or disable the users to read the AD contents? > > >
- Next message: mag: "removing the block on attachments"
- Previous message: anonymous_at_discussions.microsoft.com: "Re: Time to update Windows 2000? - 37 updates"
- In reply to: Ivan Tsui: "How to disable the use of adminpak.msi?"
- Next in thread: Steven Umbach: "Re: How to disable the use of adminpak.msi?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
