Jump to content
Compatible Support Forums
Sign in to follow this  
bytemangler

policy editor in W2K

Recommended Posts

I'm trying to setup a policy for a user login on to win2K server using poledit. Where do I plce the new policy so it apply to the user whenever they logon?

Share this post


Link to post

Poledit.exe doesn't work "directly" with Windows 2000. The best way to do it would be with the "Group Policy" manager. You can add it using a blank MMC. You get a lot more functionality with this versus what the Policy Editor did for NT.

Share this post


Link to post

I've created a "test" user. Still can't seemed to make the policy stick using MMC. I just wanted to remove the "RUN" from start menu when user "test" log in. Of course administrator will have all access. Any idea??

Share this post


Link to post

How long did you wait to see if the policy was applied? Did you try forcing the GPO refresh for the workstation?

 

Do you have any errors showing in the DC's Event Viewer?

 

Regards,

Jim

Share this post


Link to post

Everything looks ok. Here's what I'm trying to accomplish. Create user1 profile to be able to run IE only when they log on to the win2k server. Everything else is not shown. I did it with NT 4.0 but don't know how in win2k. Anyone have a step by step??? thanks

Share this post


Link to post

Ooh, bytemangler, that's evil! I like it!

 

I don't know if I'll be of any help, but I want to understand the process. So, if you don't mind, I'd like to ask a few questions in case I ever want to lock someone down like this.

 

When you say you want this "user1" profile to be able to run IE only when logged onto the W2K server, do you mean locally or remotely? And you really don't want them to see ANYTHING else? So IE will come up in kiosk mode automatically at the terminus of the login, say by running "iexplore -k <whatever> /OK", where <whatever> is a local or remote Web page or a Web address? And you'd want to prohibit them from quitting, too, right?

Share this post


Link to post

Either locally or remotely. When "user1" logon to w2k and click on start the only thing they'll be able to do is log off and run Internet explorer. Right now user1 is setup to run as a w2k terminal server client with internet explorer access.

problem 1: user1 like to get on the **** site alot.

So I go and install a site blocking program, it work the way it suppose to.

problem 2: in order for the site blocking program to be effective a user have to completely login to w2k.

Well, unfortunately I have setup user1 to *only* load a "session" of terminal server so they never see the desktop at all, just the program assign to that session window (internet explorer included). It never got to the part that loaded the web site blocking services. The only thing I can think of is let the user log all the way to the desktop but also they can see everything, that's why I need to create a specifics policy for each user. Hope you can catch all this...if it make any sense. If anyone has a better idea throw it my way to try it.

Share this post


Link to post

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now
Sign in to follow this  

×