Re: OT: Lock VPN settings from being Changed by user?




http://download.microsoft.com/download/a/a/3/aa32239c-3a23-46ef-ba8b-da786e167e5e/PolicySettings.xls

Yup it's a group policy setting.... looks like this is do-able.

Start a program on connection

At least Microsoft Windows XP Terminal Services

Configures Terminal Services to run a specified program automatically upon connection. You can use this setting to specify a program to run automatically when a user logs on to a remote computer.

By default, Terminal Services sessions provide access to the full Windows desktop, unless otherwise specified with this setting, by the server administrator, or by the user in configuring the client connection. Enabling this setting overrides the Start Program settings set by the server administrator or user. The Start menu and Windows Desktop are not displayed, and when the user exits the program the session is automatically logged off.

To use this setting, in Program path and file name, type the fully qualified path and file name of the executable file to be run when the user logs on. If necessary, in Working Directory, type the fully qualified path to the starting directory for the program. If you leave Working Directory blank, the program runs with its default working directory. If the specified program path, file name, or working directory is not the name of a valid directory, the terminal server connection fails with an error message.

If the status is set to Enabled, Terminal Services sessions automatically run the specified program and use the specified Working Directory (or the program default directory, if Working Directory is not specified) as the working directory for the program.

If the status is set to Disabled or Not Configured, Terminal Services sessions start with the full desktop, unless the server administrator or user specify otherwise. (See Computer Config\Administrative templates\Windows Components\System\Logon\Run these programs at user logon setting.)

Note: This setting appears in both Computer Configuration and User Configuration. If both settings are configured, the Computer Configuration setting overrides.

HKCU\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services!InitialProgram
HKCU\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services!WorkDirectory
HKCU\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services!fInheritInitialProgram

Russ Grover wrote:


I know there must be someone who has done this...

Is there any way to LOCK the Application Run (From user Disabling it)
In the VPN Connection?

Image of what I'm talking about.
http://www.smallbusinessitsupport.com/images/LockVPNprogram.jpg

Is there a way to HIDE the box "Start the Following Program"?

This way they are FORCED into Running the application?
I have a customer who has users that want to disable this all the time...

Thanks

Russ
P.S. Yes, The firing will continue, until morale improves....




--
An open letter to the Security Community:: http://msmvps.com/bradley/archive/2004/12/12/23540.aspx
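
An added example, not part of the original post or of Microsoft's policy text: a PowerShell check that reads the policy values listed above and flags the conditions the description says make the connection fail. The HKCU path and value names come from the post; the HKLM path is an assumption (the usual Computer Configuration counterpart), and the script is assumed to run on the terminal server inside the affected user's session so that HKCU is that user's hive.

```powershell
# Added example: audit the "Start a program on connection" policy values.
# HKCU path and value names are from the post; HKLM is an assumed counterpart.
$sub = 'SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services'

function Get-StartProgramPolicy {
    param([string]$Hive)
    $p = Get-ItemProperty -Path "${Hive}:\$sub" -ErrorAction SilentlyContinue
    # No key, or no program named, means the setting is not in force in this hive.
    if (-not $p -or [string]::IsNullOrWhiteSpace($p.InitialProgram)) { return $null }
    [pscustomobject]@{
        Hive                   = $Hive
        InitialProgram         = $p.InitialProgram
        WorkDirectory          = $p.WorkDirectory
        fInheritInitialProgram = $p.fInheritInitialProgram   # reported as found, not interpreted
    }
}

$machine = Get-StartProgramPolicy HKLM
$user    = Get-StartProgramPolicy HKCU
# Per the policy text, the Computer Configuration setting overrides the user one.
$effective = if ($machine) { $machine } else { $user }

if (-not $effective) {
    'Not configured: sessions start with the full desktop unless the server administrator or user specifies otherwise.'
} else {
    $problems = @()
    if ($machine -and $user -and $machine.InitialProgram -ne $user.InitialProgram) {
        $problems += "User setting '$($user.InitialProgram)' is overridden by the computer setting."
    }
    # The description says an invalid program path or working directory makes the connection fail.
    $exe = [Environment]::ExpandEnvironmentVariables($effective.InitialProgram).Trim('"')
    if (-not [IO.Path]::IsPathRooted($exe)) {
        $problems += "Program path is not rooted: $exe"
    } elseif (-not (Test-Path -LiteralPath $exe -PathType Leaf)) {
        $problems += "Program not found: $exe"
    }
    if ($effective.WorkDirectory) {
        $dir = [Environment]::ExpandEnvironmentVariables($effective.WorkDirectory)
        if (-not (Test-Path -LiteralPath $dir -PathType Container)) {
            $problems += "Working directory not found: $dir"
        }
    }
    $effective | Format-List
    if ($problems) { $problems | ForEach-Object { "WARNING: $_" } } else { 'No path problems found.' }
}
```

A "Program not found" warning should be checked by hand when the stored value carries command-line arguments, since the script treats the whole string as the executable path.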