Warning- I am a newbie to network security but couldn't find a good thread here to answer my questions. Background:
We're running a designated, 8 SCSI DVD Drive, server tower with 8 workstations- I read in one of the threads win 2k non-server is ok since we're under the 10 client max (which actually did answer a question I had). Anyway, since the users are your normal, average, "barely out of high school aged", students they get curious or ornary upon occasion so we have found we have a need to lock them out of just about everything- properties for the desktop, start-up, shut-down, changing log-on/log-off/passwards, screen-savers... absolutely anything having to do with files, esp system stuff- you get the picture, right? Anyway, there are only 2 programs they need to be able to run and print from- otherwise we want them locked out so I don't have to run down there every 5 minutes to fix annoying (and potentially worse) things they have done just "messing around". Any help would be greatly appreciated! Here goes:
1- Can you get good security without installing W2k Advanced Pro SERVER on your server? This is a small LAN with no inet or attatchment to any other network- and I really don't want the added expense of buying w2k APS if I can help it.
2- After loading w2k Pro on all the workstations do you have to configure each client w/s seperately for everything you want to lock the user out of, by logging onto each station, or can/should this be done from the server? And would you log on as a user or administrator to do this?
3- Is the security I want to do possible using the NON server 2000 or do I need to go to the server version to get it?
3- Any really easy, step-by-step books you recommend?
Thanks in advance-
rock7x7
We're running a designated, 8 SCSI DVD Drive, server tower with 8 workstations- I read in one of the threads win 2k non-server is ok since we're under the 10 client max (which actually did answer a question I had). Anyway, since the users are your normal, average, "barely out of high school aged", students they get curious or ornary upon occasion so we have found we have a need to lock them out of just about everything- properties for the desktop, start-up, shut-down, changing log-on/log-off/passwards, screen-savers... absolutely anything having to do with files, esp system stuff- you get the picture, right? Anyway, there are only 2 programs they need to be able to run and print from- otherwise we want them locked out so I don't have to run down there every 5 minutes to fix annoying (and potentially worse) things they have done just "messing around". Any help would be greatly appreciated! Here goes:
1- Can you get good security without installing W2k Advanced Pro SERVER on your server? This is a small LAN with no inet or attatchment to any other network- and I really don't want the added expense of buying w2k APS if I can help it.
2- After loading w2k Pro on all the workstations do you have to configure each client w/s seperately for everything you want to lock the user out of, by logging onto each station, or can/should this be done from the server? And would you log on as a user or administrator to do this?
3- Is the security I want to do possible using the NON server 2000 or do I need to go to the server version to get it?
3- Any really easy, step-by-step books you recommend?
Thanks in advance-
rock7x7