D
Devin
Hi All,
Currently I have a client that is running Small Business Server 2000
(SBS2000). The server has Terminal server running on it in Application
Mode. Since it is a SBS install the Terminal Server is also on the
Domain Controller. A few users have the right to log on locally, and
they log on to the server to do work remotely.
Now I have to add one more user to be able to log on remotely and
work. This user only needs 1 program, which I placed an icon to on the
desktop. She is bad with computers and I do not want the server
destroyed. So I need to find a way to lock down the terminal server
session so she can really only just run this program. Here are the
details though:
-Terminal Server runs on the Domain controller
-The administrator and the other users must have full control like
they do now
-only this ONE single user needs to be restricted
-The single user needs full control on her regular desktop...only
restricted in terminal services.
Everything I read points me to Knowledgebase articles 231287,260370,
and 278295. The problem is I do not know group policy all that well.
But I get the idea that a new OU is made and the server running TS in
put into it. That computer is the object to which Group Policy is
applied. The problem is I think it will then effect everyone who logs
on to Terminal services. I only need this one single user restricted.
Admins and the other users still need full access. I also can not mess
up the users (any of them) on their normal workstations.
Is there any way I can limit the TS access of one user while still
preserving the other users and the regualar workstation access. I have
never worked with Group Policy a lot but I cant think of how to do
this and only effect one user.
Thanks very much for your help!
Currently I have a client that is running Small Business Server 2000
(SBS2000). The server has Terminal server running on it in Application
Mode. Since it is a SBS install the Terminal Server is also on the
Domain Controller. A few users have the right to log on locally, and
they log on to the server to do work remotely.
Now I have to add one more user to be able to log on remotely and
work. This user only needs 1 program, which I placed an icon to on the
desktop. She is bad with computers and I do not want the server
destroyed. So I need to find a way to lock down the terminal server
session so she can really only just run this program. Here are the
details though:
-Terminal Server runs on the Domain controller
-The administrator and the other users must have full control like
they do now
-only this ONE single user needs to be restricted
-The single user needs full control on her regular desktop...only
restricted in terminal services.
Everything I read points me to Knowledgebase articles 231287,260370,
and 278295. The problem is I do not know group policy all that well.
But I get the idea that a new OU is made and the server running TS in
put into it. That computer is the object to which Group Policy is
applied. The problem is I think it will then effect everyone who logs
on to Terminal services. I only need this one single user restricted.
Admins and the other users still need full access. I also can not mess
up the users (any of them) on their normal workstations.
Is there any way I can limit the TS access of one user while still
preserving the other users and the regualar workstation access. I have
never worked with Group Policy a lot but I cant think of how to do
this and only effect one user.
Thanks very much for your help!