Re: Remote web workplace
- From: "Doug Taylor" <dtaylor@xxxxxxxxxx>
- Date: Sun, 20 May 2007 10:02:44 +1200
Thanks for your reply.
Its not a question of trusting the admin we just dont wont administrators
connecting to our network remotely.
We have a local domain administrator that has all the rights blah blah and
has a weeker password. We then have a remote admin user that is also a
domain admin has a stronger password and is able to connect over remote web
workplace. Infact they are the same person. We however at times need to
get the the office manager to carry out certian tasks when we are unable to
attend site. We give them the local admin user details. They dont have the
skills (and would not want) to reconfigure the server to give themselves
remote access and we trust them in this matter. However if these details
fall into the wrong hands we would like to restrict access to RWW from this
user (the local amin) so that they cant access the network externally
through RWW.
This is not a matter of semantics but a question of how is it achieved .
To test things we have removed the admininstrator template(the only
reference to the administrator was the administrator template under the
member tag) from the RWW group but the adminiustrator is still able to
connect using RWW.
1. Perhaps now the template has been removed we need recreate the local
admin users to remove his rights etc. ... worth a try.
2. Under group policy u can achieve things like restricting logon locally,
access computer from the network etc but I have not found any setting
related to RWW.
3. Do we have any control over which users can utilise RWW eg through
GPolicy settings (have not seen any ).
Rather than the reasoning behind the question does any one know how to
achieve the task at hand.
Once again thanks in advance
Cheers
Douglas
"Cris Hanna [SBS-MVP]" <crisnospamhanna@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx>
wrote in message news:OWp$$CLmHHA.4772@xxxxxxxxxxxxxxxxxxxxxxx
Sure its possible to remove them from the group..
Whats to stop him from putting himself back? He is after all the admin
If you don't trust the Administrator of your network enough that you feel
you have to start revoking priviledges (that obviously he can restore)
Its time to get a new admin
--
Cris Hanna [SBS-MVP]
-------------------------------------------------
Microsoft MVPs
Independent Experts (MVPs do not work for MS)
Real World Answers
---------------------------------------------------------
Please do not contact me directly regarding issues
"Doug Taylor" <dtaylor@xxxxxxxxxx> wrote in message
news:%23wKGzTHmHHA.3484@xxxxxxxxxxxxxxxxxxxxxxx
Hiya
We are running sbs2003 r2. Is there any way to deny the administrator
the ability to connect through remote web workplace. There dont seem to
be any settings in the group policy for enabling or disabling users. I
want the admin to be able to rdp into the server when connected to the
local lan but not remotely from the internet. Is it possible to remove
the administrator form the remote web workplace users group etc.
Thanks
in advance
Douglas
.
- Follow-Ups:
- Re: Remote web workplace
- From: Cris Hanna [SBS-MVP]
- Re: Remote web workplace
- From: Henry Craven {SBS-MVP}
- Re: Remote web workplace
- References:
- Remote web workplace
- From: Doug Taylor
- Re: Remote web workplace
- From: Cris Hanna [SBS-MVP]
- Remote web workplace
- Prev by Date: Re: mssbsssr.exe
- Next by Date: Re: Remote web workplace
- Previous by thread: Re: Remote web workplace
- Next by thread: Re: Remote web workplace
- Index(es):
Relevant Pages
|
