Re: Requesting general help with administartion
From: Steven L Umbach (n9rou_at_nospam-comcast.net)
Date: 03/14/04
- Next message: marc: "XP Pro setup"
- Previous message: msobel_at_airwaveusa.com: "Password protect Windows task manager"
- In reply to: DeaDGuY: "Requesting general help with administartion"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Sun, 14 Mar 2004 01:25:18 GMT
When you configure an XP Pro computer there are three main groups for users to belong
to - users, power users, and administrators. Your friend should be the only
administrator on the computer and the other users only in the users group. Keep in
mind that there may a problem with regular users running some applications including
games in which case he is going to have to decide what he wants to do. You can use
Computer Management [right click My Computer/manage] local users and groups to add
users and groups.
After creating user accounts, you can use ntfs permissions to restrict users as to
what permissions they have to a folder and it's subfolders. On the C drive change the
root/drive folder permissions so that users have only read/list/execute permissions.
Beyond that you should not make any more changes to it and leave the system folder
alone as regular users are already restricted there. Users will also be able to save
files to their profiles on drive C under documents and settings/user name folder. If
you do not see ntfs permissions in a folders properties, you will first need to
disable simple file sharing in Explorer in tools/folder options/view -uncheck the
last box. If you want you can also use Software Restriction Policies to restrict what
users can run/install and then exempt local administrators with the enforcement rule.
See the links below for more information. --- Steve
http://support.microsoft.com/default.aspx?scid=kb;en-us;308418
http://support.microsoft.com/?kbid=310791
"DeaDGuY" <TheDeaDGuY@perfectnothing.com> wrote in message
news:E70FAF4A-8318-4C46-87DC-D8C660205E24@microsoft.com...
> Hello everyone, I'm kindof new when it comes to being an 'admin' of a computer and
I've just set up an XP Pro computer for a friend of mine, he's not so PC savvy and he
has some people in the house that are just plain ignorant.
>
> Well, he wants my help to secure the PC from his own errors, and random silly
things the others are likely to do, so here's a rundown of my plan:
>
> Firstly, I'm setting up XP itself on an old 7 GB HDD then I have a newer 10 GB HDD
for them to install whatever on ( they're kindof on a budget.. ) I want to make the C
drive secure to the point where nobody can change anything on it except for a few
people and only when logged into a specific administrative account.
>
> Then for my friend I want annother seperate account that allows him to do pretty
much whatever he wants with the D drive. For the others I want a minor account that
will not let them install anything but will let them run whatever software is there,
and most importantly not allow them any access at all to the C drive or anything
related to system files etc.
>
>
> What I'm looking for is feedback on this, is this a good plan? What would you
change, or add to it? Any specific tips or tools that will make implementing such a
plan easier, and maybe some specific things within Windows XP's options to look for.
Feel free to post responses here or e-mail them to me.
>
> Thanks in Advance.
> -Matt
- Next message: marc: "XP Pro setup"
- Previous message: msobel_at_airwaveusa.com: "Password protect Windows task manager"
- In reply to: DeaDGuY: "Requesting general help with administartion"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
