Guest Andy1974 Posted March 31, 2009 Posted March 31, 2009 Would like to know if there is a way to limit access to server via RDP. Would like to limit access for user to be able to manage\run 3rd party program that is installed on the server. One server is a domain controller and the otehr is a member server. Should not have access to mange active directory, DNS, delete files, etc. Quote
Guest Newell White Posted April 1, 2009 Posted April 1, 2009 "Andy1974" wrote: <span style="color:blue"> > Would like to know if there is a way to limit access to server via RDP. > Would like to limit access for user to be able to managerun 3rd party > program that is installed on the server. One server is a domain controller > and the otehr is a member server. Should not have access to mange active > directory, DNS, delete files, etc.</span> No direct experience as we don't run 3rd party apps on our servers. But I would try doing this: 1) In AD create a user account say apprunner. 2) Give apprunner propagated traverse folder permission on the server C:\ drive. 3) Give apprunner propagated read/write/modify permission in C:\Program Files\3rdpartyapp\ 4) Add apprunner to the built-in remote desktop users group on the server. This will probably fail because 3rdpartyapp is reading or writing files outside it's own folder. Give apprunner appropriate permissions by trial and error. -- Regards, Newell White Quote
Guest Anteaus Posted April 11, 2009 Posted April 11, 2009 This sounds like a case for a virtual machine. Much safer than allowing an untrusted person server-console access. Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.