General discussion


Secure windows server

By jaleel14 ·
I need to bring in a server for accounts depart ment,this server should be accessed by only accounts deparment users and not by other users within my domain, It should not be displayed in my network neighbourhood,how do i achive this.

This conversation is currently closed to new comments.

Thread display: Collapse - | Expand +

All Comments

Collapse -

by jaleel14 In reply to Secure windows server

How do i block all users withing my domain to acces this and only allow users within account team to access this server.

Collapse -

by sgt_shultz In reply to Secure windows server

do you have active directory? if so one way to do what you need to do is to add a tree for the new department to your forest. this question may not be answered so simply, especially since you posted it without mentioned your current domain structure at all.... i would contact an it consulting firm or microsoft for help on this. the few hundred dollars would be very well spent..

Collapse -

by 3xp3rt In reply to Secure windows server

If you have installed and configured the Active Directory, you can creat a security group, what have members all the accounts department's users, and permit the acces to the server only for this security group

Collapse -

by lowlands In reply to Secure windows server

When you say the need access to the server, what exactly do they need access to? Will it be an application running on the server or are you going to share a directory, or will the users have to log on to the server console (physically or using terminal services)?

Restricting access can most likely be done by creating a Group in your domain and adding only the specific users to it.
If you don't want the server to show up in other users network neighborhood I believe you should disable Netbios.
If you want a share to be hidden from users, make sure the sharename ends with a $.

Collapse -

by GregChin In reply to Secure windows server

I agree. First disable Netbios over TCP/IP on the server so that it won't be broadcasting. That way there will be no record in the master browser of the server on the network.
Next within AD remove the Everyone group from the security properties and add the Accounting Dept group with at least Read permissions. This way it won't be seen in AD by nosey people from other departments that like to snoop.
Then on the server itself, configure permissions for the share accordingly.
Let us know if that worked.

Related Discussions

Related Forums