restricting network access

  • Thread starter Thread starter Paul Jarvis
  • Start date Start date
P

Paul Jarvis

I need to restrict network browsing. Currently the login
through terminal services for a third party product.
When they open this application they can go to file then
open and can browse the network. How do I disable this
through group policy
 
Hi Paul-

You can do this. The way to do it would be to create a new GPO linked to
the container for the terminal server (call it TS Net Lockdown or something
like that).

Go into the Properties for that GPO and add Read and Apply Group Policy
Allow permissions for the terminal server's machine account. Then add any
administrators (or their groups) who you do not wish to receive that
restrictive setting, as a Deny Apply Group Policy permission.

Once permissions have been added, edit the TS Net Lockdown GPO. Go to
Computer Configuration->Administrative Templates->System->Group Policy and
enable "User Group Policy loopback processing mode".

Then go to User Configuration-> Administrative Templates->Desktop and enable
the "Hide My Network Places icon on the desktop".

Then go to User Configuration->Administrative Templates->Windows
Components->Windows Explorer->Common Open File Dialog. Enable the "Hide the
common dialog places bar", the "Hide the common dialog back button", and the
"Hide the dropdown list of recent files" settings.

Please repost if you have any questions or concerns.
 
Back
Top