Setting up Users in SBS2k3 R2


Azhar
05-24-2007, 12:01 PM
OK here's the situation:

I run a Small Business Server 2003 R2 server with a couple of storage servers. We have about 70 users accessing it via remote desktop and tsweb terminal server.

Half are company employees. We have them grouped together in Active Directory as Internal User.

The other half are clients for companies we consult. We have these grouped in Active Directory as External Users.

They all have Remote Desktop membership in group policy which allows them to connect to the terminal server. Basically the only difference between Internal and External User is Internal has an Exchange email account, a network user folder, and Sharepoint access. External users do not have an Exchange account (their own companies provide them with email service), and they're set up on their own Sharepoint account as Contributor.

Here's what I'm trying to do: Whenever you create a new user in Active Directory, and they log into the terminal server for the first time, their desktop is being set up.. Internet Explorer icons, Primavera Project Management icon and so on.

Is there a way to make it so when you create an External User account, they get some program access and shortcuts on the desktop different from Internal Users, who have more program rights?

It annoys me to no end when I get calls saying that the icon on the external user's desktop keeps giving them access denied errors. I want them off the desktop when I create their account so they won't even see it to play with it.

twwabw
05-24-2007, 01:04 PM
Why even have your users log onto the desktop (assuming they only need Primavera)? Why not just set their RDP to launch the app at logon?

Azhar
05-24-2007, 04:35 PM
RDP can be modified. Environments can be minimized, and they would still be able to play with what's behind Primavera.

But anyways, I'm posting to say I've found the setting I needed in Group Policy Management.

Make a new policy.. call it Desktop Options.. right-click it and hit Edit..

You'll see all kinds of custom things you can do with that policy including start menu, desktop, run at login, scripting, etc etc..

I'm surprised I've never seen this before. I think it's because I've always played with existing GPO templates that I've not needed to make new ones or modify them.

Another alternative for those who are afraid to play with GPM is to use software and applets made by ScriptLogic (www.scriptlogic.com), which is an all-in-one interface that lets you play with GPO and AD and some other neat things hidden away in your server that you can modify (registry settings, etc).

Thanks for the suggestion though! =)