General discussion

Locked

W2K Pro Security

By msafford ·
Need Quick & Dirty steps.
W2K Pro workstation logging into NT 4.0 Server. 25+ individual users and indivdual systems. I would like them to have access to selected apps & functions and restrictions to what they can actually change on their desktop.I want each user to be able to move to different workstations and logon.

This conversation is currently closed to new comments.

7 total posts (Page 1 of 1)  
| Thread display: Collapse - | Expand +

All Comments

Collapse -

W2K Pro Security

by TimeCube In reply to W2K Pro Security

well, quick and dirty? I would set up roaming profiles; this can be done from usermanager, have everyone's profile reside on the server. If you don't want users changing anything on their desktop or within their profile, you can rename NTUSER.DATto NTUSER.MAN, this prevents any changes being written to that file. As far as moving profiles to the server... Create a shared directory on the server called HOME. make subdirectories with the usernames. If everyone's profile is going to be the same, Create a default user with the default configuration. Right click on My Computer, properties, user profiles... select the default profile, then copy to... browse to the home/%user%/ directory on the server and put it there... make sure to add permissions for that user. You can also use POLEDIT.exe to restrict what users can do as far as maping drives, sharing resources, etc...

Collapse -

W2K Pro Security

by msafford In reply to W2K Pro Security

Perhaps my question was off track.
What I need is to have each w2k pro workstation that is connected to a NT 4.0 sever setup so that user cannot change anything at that workstation i.e.
apps, desktops, but let the administrator login without that acccount being affected, i.e. that all desktop functions and programs are available.

Collapse -

W2K Pro Security

by TimeCube In reply to W2K Pro Security

I would set up roaming profiles; this can be done from usermanager, have everyone's profile reside on the server. If you don't want users changing anything on their desktop or within their profile, you can rename NTUSER.DAT to NTUSER.MAN, this prevents any changes being written to that file. As far as moving profiles to the server... Create a shared directory on the server called HOME. make subdirectories with the usernames. If everyone's profile is going to be the same, Create a default user with the default configuration. Right click on My Computer, properties, user profiles... select the default profile, then copy to... browse to the home/%user%/ directory on the server and put it there... make sure to add permissions for that user. You can also use POLEDIT.exe to restrict what users can do as far as maping drives, sharing resources, etc...

Collapse -

W2K Pro Security

by msafford In reply to W2K Pro Security

The question was auto-closed by TechRepublic

Collapse -

W2K Pro Security

by TimeCube In reply to W2K Pro Security

that will do it... you can also use poledit.exe to create system wide policies that severly restrict user rights...

Collapse -

W2K Pro Security

by msafford In reply to W2K Pro Security

The question was auto-closed by TechRepublic

Collapse -

W2K Pro Security

by msafford In reply to W2K Pro Security

This question was auto closed due to inactivity

Back to Windows Forum
7 total posts (Page 1 of 1)  

Related Discussions

Related Forums