| "kadg"
http://www.microsoft.com/communities/privacy.mspx
| MessageID: | I need to configure machines at work that will not allow
| the users to have access to the "A" drive, explorer, my
| computer, etc. They will only have access to one program
| for educational purposes. I went to "gpedit" and removed
| many options, I want the users to be able to drag and
| drop but I do not want them to have right click options
| and I do not want them to have access to windows
| explorer, C drive etc. I seemed to be successful except
| if the user right clicks on the desk top they get options
| for "new folder", "notepad", "zip files" etc. which then
| allows them to go into the c drive and everywhere. I
| think I need to change settings in admin tools, security,
| local security but cannot quite figure out the correct
| settings. Any help would be appreciated.
| Thank You Kathi
While I do have some book knowledge on the subject of Systems
Administration, I do not have any practical knowledge. As such,
I am only able to provide links to some documentation and
resources on a few aspects of this very broad subject. BTW, I am
assuming you are in an Active Directory environment...
- The following Web Page describes the implementation of, and has
pre-packaged GPOs for, the TaskStation scenario which can be used
in a Highly Managed environment such as you describe:
TechNet Home | Products & Technologies
Server Operating Systems
Windows Server 2003 Management Services:
"Implementing Common Desktop Management Scenarios with the
Group Policy Management Console"
http://www.microsoft.com/windows2000/techinfo/howitworks/management/grouppolicy.asp
- The following Web Page has a link to download a very detailed
spreadsheet that lists the full set of Group Policy settings
found in the *.adm's. (I highly recommend downloading this
spreadsheet
Microsoft Download Center:
"Group Policy Settings Reference for Windows Server 2003"
http://microsoft.com/downloads/deta...2F-DA15-438D-8E48-45915CD2BC14&displaylang=en
- The following Web Page has resources for Group Policy and
related technologies:
Microsoft Windows XP Professional Product Documentation:
"Microsoft Windows XP - Resources"
http://www.microsoft.com/resources/documentation/windows/xp/all/proddocs/en-us/gpe_resources.mspx
- The following Web Page includes a TOC where you can access
subchapters describing the many technologies related to the topic
of the Security and Administration of Microsoft Windows.
Windows XP Professional Product Documentation:
"Security and administration"
http://www.microsoft.com/resources/...roddocs/en-us/hs_security_administration.mspx
- The following Resource Kit Chapter has information on limiting
access to files and folders using NTFS permissions:
- Windows XP Professional Product Documentation
Part II Desktop Management
Managing Files and Folders
http://www.microsoft.com/resources/documentation/Windows/XP/all/reskit/en-us/prde_ffs_rljk.asp
- An excellent "Community" Web page I recommend adding to your
Favorites:
Microsoft Windows Server 2003 Community Portal Web Page
http://www.microsoft.com/windowsserver2003/community/default.mspx
- You can find links to peer-to-peer support newsgroups for Group
Policy, Active Directory, and File Services technologies below.
Note that the following web pages are sub-pages of the Microsoft
Windows Server 2003 Community Portal Web Page.
Management Technologies Newsgroups
Newsgroup: microsoft.public.windows.group_policy
AKA: Windows: Group Policy
http://www.microsoft.com/windowsserver2003/community/newsgroups/management/default.mspx
Directory Services Newsgroups
Newsgroup: microsoft.public.windows.server.active_directory
AKA: Windows Server Active Directory
http://www.microsoft.com/windowsserver2003/community/newsgroups/directoryservices/default.mspx
File Services Newsgroups
Newsgroup: microsoft.public.windows.file_system
AKA: Windows File System: General
http://www.microsoft.com/windowsserver2003/community/newsgroups/fileservices/default.mspx
BTW, good luck on your endeavor and I seriously hope that you are
not really a ...windowsxp.newuser
