Re: KIOSK MODE?

From: Steven L Umbach (n9rou_at_nospam-comcast.net)
Date: 10/01/05 

Date: Fri, 30 Sep 2005 17:19:23 -0500

Microsoft has a great solution for kiosk computers but it will only work on
XP SP2 and is called Shared Computer Toolkit for XP. I tried it out a bit
and so far the results are impressive. One thing I like is that you can
easily restrict a users from running any executable outside of the program
files folder or system folder. See the link below if you are
nterested. --- Steve

http://www.microsoft.com/windowsxp/sharedaccess/overview.mspx

"zuke" <lgilmore@NO_SPAMrainbowgrocery.net> wrote in message
news:%23DMJx0fxFHA.2132@TK2MSFTNGP15.phx.gbl...
> So, I wanted to let a laptop in a physcally public place access one
> folder on a server in my LAN. What I did do was to go to every top-level
> share and disallow access from the user account that would be logging onto
> the laptop. This took the better part of a day. It works.
>
> Then I went to the executables on the laptop I wanted excluded and did the
> same.
>
> Then I blocked all users but two from logging onto the laptop.
>
> Not a great method, but it works.
>
> I'm surprised few others want to do stuff like this.
>
> Regards,
> Zuke
>
> "Steven L Umbach" <n9rou@n0-spam-for-me-comcast.net> wrote in message
> news:ENmdnUfis9qxQqreRVn-rg@comcast.com...
>> Yes their is no SRP in Windows 2000. What the user could try is to use
>> the Group Policy setting under user configuration/administrative
>> templates/system - run only allowed Windows applications after reading
>> the full explanation of the setting and adding iexplorer.exe to that
>> list. However the user could be able to run any executable that is named
>> iexplorer.exe on the computer - authorized or not though this is still a
>> workable solution particularly if the user is not a local administrator
>> or power user and other restrictions are enabled such as not being able
>> to run the command prompt and using ntfs restrictions. --- Steve
>>
>>
>> "Tom Che [MSFT]" <v-tomche@online.microsoft.com> wrote in message
>> news:Wgb%235kmwFHA.768@TK2MSFTNGXA01.phx.gbl...
>>> Hi Zuke,
>>>
>>> Thanks for posting here. Sorry for my delayed response due to the
>>> weekend.
>>>
>>> From your post, my understanding of this issue is: You would like to
>>> know
>>> how to restrict a PC to run only one program in Win2K AD. If this is
>>> not
>>> correct, please feel free to let me know.
>>>
>>> Based on my experience, it might be difficult to perform this
>>> restriction
>>> in Win2K AD without third-party specific software. But there are
>>> Software
>>> Restriction Policies in Win2K3. For more information, please see:
>>>
>>> Software Restriction Policies
>>> <http://www.microsoft.com/technet/prodtechnol/windowsserver2003/library/Serv
>>> erHelp/9c25d487-eb0b-4e2d-a5f7-89b2686d6a69.mspx>
>>>
>>> However, in Win2K AD, you may try to use Group Policy to lock down the
>>> desktop (just remain one shortcut for your application), remove unneeded
>>> items from Start Menu, hide hard drives and so on. And then, the user
>>> may
>>> not run other applications if he is not an expert and has insufficient
>>> privileges. For more information about how to do these policies, you
>>> may
>>> refer to the following Microsoft web site:
>>>
>>> Windows 2000 Group Policy Reference
>>> http://msdn.microsoft.com/library/en-us/gp/default.asp
>>>
>>> Hope this helps!
>>>
>>> Have a nice day!
>>>
>>> -------------------------------------------------------
>>> Please note that the newsgroups are staffed weekdays by Microsoft
>>> Support
>>> professionals to answer your non-urgent, break/fix systems and
>>> applications
>>> questions. Our goal is to provide 24 hour response to all questions.
>>>
>>> If this response time does not meet your needs, please contact Customer
>>> Service and Support (CSS) for more immediate assistance. For more
>>> information on available CSS services, please click here:
>>> http://support.microsoft.com/default.aspx?scid=fh;EN-US;OfferProPhone#faq607
>>>
>>>
>>> If you are outside the United States, please visit our International
>>> Support page: http://support.microsoft.com/common/international.aspx
>>> -------------------------------------------------------
>>>
>>> Sincerely,
>>> Tom Che
>>> Microsoft Online Partner Support
>>> Get Secure! - www.microsoft.com/security
>>>
>>> =====================================================
>>> When responding to posts, please "Reply to Group" via your newsreader so
>>> that others may learn and benefit from your issue.
>>> =====================================================
>>> This posting is provided "AS IS" with no warranties, and confers no
>>> rights.
>>>
>>> --------------------
>>>>From: "zuke" <lgilmore@NO_SPAMrainbowgrocery.net>
>>>>Subject: KIOSK MODE?
>>>>Date: Fri, 23 Sep 2005 11:37:19 -0700
>>>>Lines: 4
>>>>X-Priority: 3
>>>>X-MSMail-Priority: Normal
>>>>X-Newsreader: Microsoft Outlook Express 6.00.2900.2180
>>>>X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2180
>>>>X-RFC2646: Format=Flowed; Original
>>>>Message-ID: <#7OZV3GwFHA.460@TK2MSFTNGP15.phx.gbl>
>>>>Newsgroups: microsoft.public.win2000.security
>>>>NNTP-Posting-Host: w160.z064002063.sjc-ca.dsl.cnc.net 64.2.63.160
>>>>Path: TK2MSFTNGXA01.phx.gbl!TK2MSFTNGP08.phx.gbl!TK2MSFTNGP15.phx.gbl
>>>>Xref: TK2MSFTNGXA01.phx.gbl microsoft.public.win2000.security:15293
>>>>X-Tomcat-NG: microsoft.public.win2000.security
>>>>
>>>>In a W2K AD network, can a PC be hooked up in a "kiosk mode" such that
>>> only
>>>>one application can be used?
>>>>
>>>>
>>>>
>>>
>>
>>
>
>

Relevant Pages

  • Re: ***Drivers WONT Take****
    ... Iv downloaded the drivers for this>specific< laptop from IBM's ... Did you click on the executables in order to start the install ... drivers to another folder and you need to continue the install process ...
    (microsoft.public.windowsxp.perform_maintain)
  • Re: C-Drive stem folders with duplicate website info???
    ... and my laptop running Windows XP with IE 7. ... there would be fewer problems when I moved my .pub file for my website ... publisher webpage, and how to make it work? ... I then loaded the index_files into a folder, ...
    (microsoft.public.publisher.webdesign)
  • Re: How do I find Outlook Express
    ... Then copy all the DBX files from the the main computer to that Mail folder on the Desktop, and once that's done, right click the DBX files and clear the Read-Only attribute on the Properties. ... Then open Outlook Express on the laptop, click File/Import/Messages, selecting OE6 and From a Store Folder and point it to the Mail folder on the laptop's Desktop. ...
    (microsoft.public.windows.inetexplorer.ie6_outlookexpress)
  • Re: Home network:can access files on desktop to laptop, but not vi
    ... the following folders are not acessible by other PC's over a network for security reasons: ... ..pst files between my laptop and desktop. ... this folder private" check box and ultimately messed everything up. ... I can access the .pst file for my desktop ...
    (microsoft.public.windowsxp.network_web)
  • Re: Windows XP crash
    ... much rather just copying the Document and Setting folder to the USB ... Second, if I get one of these boot CDs, and can get to the DOS ... a Windows password on the machine but no boot password. ... I hurriedly turned off my laptop manually because I ...
    (microsoft.public.windowsxp.help_and_support)