
I need to lock down the client computers!!!!

Status
Not open for further replies.

maxxxsteel

IS-IT--Management
Mar 7, 2003
How can I make the desktop, etc. of end user PCs on a larger network locked down? I don't want them to be able to delete icons, remove programs, nothing really but click and open! I'm trying to make it so there's less headache from stupidity as I can. I know you can do this but I'm not sure if it's from Active Directory or if you have to do it on all the local machines. Or both! Thanks for the help!
 
Can do using Active Directory - I'll assume you're using W2K server. Simply establish policies on the server using Administrative Tools | Domain Security Policy. It gets tricky - sort of - you should read up on it before jumping in.
 
I would modify the Default Domain GPO. There are great restrictions that can be applied. Open AD Users and Computers > Right Click the Domain > Properties > Group Policy and edit from there.

Once done, run the secedit command line to refresh the policy.

Hewissa
MCSE, CCNA, CIW
 
OK, I did find the default domain policy and YES it does have great restrictions! I had fun with some co-workers experimenting! One thing I was hoping to find and did not: is it possible to make the icons on the desktop... hmm, how do you say, undeletable, so they can't make any changes to them? I found lots of restrictions but nothing really aimed at the icons. Thanks!
 
Two options for you:

1. Use a mandatory profile that is used by all users (or just your problem ones). Would need to be assigned to those users with a script or applied to each user in Active Directory.

2. Use User configuration | folder redirection in group policy to pull your template of the desktop off a network share. (Note: to redirect the desktop folder you need to right click on the folder in group policy and click properties.) This will give them a consistent desktop every time they log on. (Make sure you make the share read and execute only.)
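
One way to check the "read and execute only" requirement from option 2, as an added example that is not part of the original thread: a PowerShell function that reports every Allow entry on the folder behind the redirected desktop that grants more than Read & Execute to a non-administrative principal. The function name, the trusted-principal list and the UNC path in the usage comment are assumptions.

```powershell
# Added example: audit the NTFS ACL of the folder that backs the redirected desktop.
# Test-DesktopTemplateAcl and its defaults are hypothetical names chosen for this sketch.
function Test-DesktopTemplateAcl {
    param(
        [Parameter(Mandatory)] [string] $Path,
        # Principals that may legitimately hold write access (assumed: admins only).
        [string[]] $TrustedPrincipals = @(
            'BUILTIN\Administrators', 'NT AUTHORITY\SYSTEM'
        )
    )

    # Rights an ordinary user needs to see and launch the shortcuts, nothing more.
    $allowed = [int][System.Security.AccessControl.FileSystemRights]::ReadAndExecute -bor
               [int][System.Security.AccessControl.FileSystemRights]::Synchronize

    $acl = Get-Acl -LiteralPath $Path
    foreach ($ace in $acl.Access) {
        # Deny entries only restrict access, so they are not findings.
        if ($ace.AccessControlType -ne 'Allow') { continue }
        if ($TrustedPrincipals -contains $ace.IdentityReference.Value) { continue }

        # Any bit outside Read & Execute lets the user alter the shared desktop.
        # Entries expressed as generic rights are reported too, for manual review.
        $extra = [int]$ace.FileSystemRights -band (-bnot $allowed)
        if ($extra -ne 0) {
            [pscustomobject]@{
                Principal = $ace.IdentityReference.Value
                Rights    = $ace.FileSystemRights
                Inherited = $ace.IsInherited
            }
        }
    }
}

# Usage (constructed path; replace with the share used for folder redirection):
#   Test-DesktopTemplateAcl -Path '\\fileserver\DesktopTemplate$'
# No output means no non-admin principal can modify the template.
```

An inherited finding points at the parent folder's ACL, so fix it there or disable inheritance on the template folder before granting Read & Execute.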

 