Win 7 want very limited access

Dapperdan

Dapperdan

Supreme [H]ardness
Joined
Jun 17, 2002
Messages
6,306
Im setting up a few Windows 7 pcs for our workers, they will be logging in remotely via logmein. I want to restrict these guys to as little as possible, access wise. I don't want them to be able to power off but I do want them to be able to restart. Id like to limit their access to just the programs I choose and have limited access to a few files and folders, dropbox being one of the folders they can access as well as a few other folders/files. All while allowing me my own user account with full access. What are my options? Thanks
 
Read up on Group Policies and Applocker.

BTW if they're logging in remotely, you should consider a Terminal Server solution.
 
You have to have Win 7 Pro for file level permissions. Beyond that, +3 to Group Policy/TS. Unless you have experience, I'd go easy on blocking/locking down everything, otherwise you will pull all your hair out and learn all kinds of new obscenities.
 
Correct me if Im wrong but Terminal services allows for RDP? We wanted to set it up to RDP into each pc but the company where we are placing these pcs will only allow that to happen if we use VPN. They are providing the VPN for each machine for $100 a month. Im only setting up 6 of these for now but at some point we plan to have around 20 to 30 of them. At $100 a month, free logmein accounts start sounding pretty good and so far have worked just fine.

As for restrictions, I just want to limit these guys from accidentally powering down or running something they shouldn't be. I live 2 hours away from the office it will be located at and need to make sure Im not running down town to reboot a machine that someone accidentally shut down or some other preventable screw up.
 
Then you might consider putting in your own RADIUS server or MS equivalent to provide the secure VPN connection.
 
Terminal Services, or Remote Desktop Services as it is now called, allows multiple logins to a single computer (server) with full GUI access. It would be far easier to administer and maintain than multiple individual boxes.
What kind of workflow do your remote users have?
 
Id really prefer to use RDP/VPN over logmein but as per agreement for allowing us to place the PCs in the office, we either HAVE to use their VPN Juniper provided service or I have to figure it out on my own, which left me with little options (logmein) given my lack of IT knowledge. They wont open any ports for us and beyond that I have no clue how to setup a cheaper/free VPN service, specially without access to the network info needed.

We rented out a remote server with virtual environments as well as a few dedicated servers for a bit and found that the dedicated servers were much better for our needs. That's why after talking with a few people we crossed out the virtual server option.

So unless someone can help provide easy instructions on setting up a VPN or other means for accessing RDP on a limited access network that even Helen Keller could follow, Im not sure what else I can actually do.
 
Dapperdan said:
Id really prefer to use RDP/VPN over logmein but as per agreement for allowing us to place the PCs in the office, we either HAVE to use their VPN Juniper provided service or I have to figure it out on my own, which left me with little options (logmein) given my lack of IT knowledge. They wont open any ports for us and beyond that I have no clue how to setup a cheaper/free VPN service, specially without access to the network info needed.
Click to expand...

I would strongly suggest that you speak to a local IT consultancy. Get some professionals in. With just a few connections, then logmein or similar with individual desktops is fine, but it's going to become difficult when you scale up. Don't be surprised if they recommend two Citrix servers or MS Terminal Servers. You'll need two for redundancy.
 
You must log in or register to reply here.
Back
Top