Restrict access to networked computers
- From: "Coop" <Coop@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Fri, 1 Apr 2005 22:45:01 -0800
I have a small 2003 AD domain. I set up 2003 Terminal Services on one
computer for testing MetaFrame Presetation Server 3.0. We have a team of
developers who are upgrading our ERP software (PeopleSoft). The ERP client
application is published on the TS/Citrix box. The developers want to be
able to gain access to the desktop of the TS/Citrix box via MetaFrame's Web
Interface so they can do development against the client app on the box. So
far, not a problem - I already have the desktop published and accessible via
the Internet. From their TS sessions, they also need to access the
PeopleSoft database server. Obviously, they will need full access to the TS
box once they authenticate. My question is how to lock down the TS box so
the developers can only access the database server and no others on my
network. Also, I don't want them running any MMC in which they can access my
AD objects. I'm sure these are basic AD lockdown techniques, but I've been
away from AD for a couple years so I'm a little rusty. Appreciate your help
on this one. (PS - I could isolate the TS box on the DMZ segment on my
firewall instead of on my LAN, but I already have MetaFrame working well, and
would hate to have to reinstall everything.)
.
- Prev by Date: remove GP
- Next by Date: Re: remove GP
- Previous by thread: remove GP
- Next by thread: How do you remove old "lingering" DHCP servers from AD
- Index(es):
Relevant Pages
|
