RE: Setting up laptops

Hello Johnny,

Thank you for posting here.

According to your description, I understand that you want to make the
laptops user can do their normal work and can not install software on
laptops. If I have misunderstood the problem, please don't hesitate to let
me know.

Based on my research, I suggest we try the following steps to meet your
request:

As you said, you want the user account can not install software on laptops,
I suggest that you can make the domain user account as a number of laptop
local users group. Then the user account will have no right to install
software on laptops, meanwhile, they can do their normal work.

1. After you join the laptop into SBS domain with ConnectComputer wizard,
the domain user account will set as a number of local administrators group

2. Then you can install the software as you want, like: office, AV software
etc.

3. Add the domain account as a number of users group, then remove the
domain user account from local administrators group

Note: Please set complex password for every laptop local administrator
account, and do not let the staff know it.

To enable OWA and VPN function on SBS:

1. Run CEICW

You have to rerun the CEICW to make sure your SBS 2003 server have right
network configuration. Go through the follow KB and Rerun CEICW again
carefully.

How to configure Internet access in Windows Small Business Server 2003
http://support.microsoft.com/kb/825763/en-us

Detailed steps for your reference:

a. On the SBS 2003 Server open the Server Management console. Go to
Standard Management\To Do List.

b. Click the "Connect to the Internet" link.

c. When navigating to the Firewall page, select "Enable firewall" and click
Next (I suppose you have 2 network adapters in SBS 2003).

d. On the "Services Configuration" page, select all the items and then
click Next.

e. On the "Web Services Configuration" page, make sure "Allow access to the
entire Web site from the Internet" is selected. If you select "Allow access
to only the following Web site services from the Internet", make sure all
item in the list are selected. Click Next.

f. On the "Web Server Certificate" page, choose to create a new Web server
certificate and then type the public FQDN (your new DNS name) that you will
use to access OWA and OMA (for example, if your public FQDN that you use to
access the sites is mail.xyz.com, you should type mail.xyz.com as the new
certificate name).

g. Go through the remaining steps.

This step will publish OWA to Internet, then you can access OWA via
http://mail.xyz.com/exchange/

2. Run Remote Access wizard

a) On the Small Business Server 2003-based server, click To Do List in the
left pane of the Server Management console.

b) Under Network Tasks, click Configure Remote Access.

c) Click Next, click Enable Remote Access, click to select the VPN Access
check box, and then click Next.

d) Type the fully qualified public domain name (FQDN) of your server, click
Next, and then click Finish.

e) When the wizard is completed, click Close.

This step will enable VPN server.

3. Go to the client and establish the VPN connection to the SBS Server, you
can refer to this KB article for more information:

How to configure a VPN connection to your corporate network in Windows XP
Professional
http://support.microsoft.com/default.aspx?scid=KB;EN-US;305550

Hope these steps will give you some help.

Thanks and have a nice day!

Best regards,

Terence Liu(MSFT)

Microsoft CSS Online Newsgroup Support

Get Secure! - www.microsoft.com/security

=====================================================
This newsgroup only focuses on SBS technical issues. If you have issues
regarding other Microsoft products, you'd better post in the corresponding
newsgroups so that they can be resolved in an efficient and timely manner.
You can locate the newsgroup here:
http://www.microsoft.com/communities/newsgroups/en-us/default.aspx

When opening a new thread via the web interface, we recommend you check the
"Notify me of replies" box to receive e-mail notifications when there are
any updates in your thread. When responding to posts via your newsreader,
please "Reply to Group" so that others may learn and benefit from your
issue.

Microsoft engineers can only focus on one issue per thread. Although we
provide other information for your reference, we recommend you post
different incidents in different threads to keep the thread clean. In doing
so, it will ensure your issues are resolved in a timely manner.

For urgent issues, you may want to contact Microsoft CSS directly. Please
check http://support.microsoft.com for regional support phone numbers.

Any input or comments in this thread are highly appreciated.
=====================================================

This posting is provided "AS IS" with no warranties, and confers no rights.

--------------------
| From: "Johnny" <JRC@xxxxxxxxxxxxx>
| Subject: Setting up laptops
| Date: Mon, 12 Mar 2007 15:27:35 -0000
| Lines: 24
| X-Priority: 3
| X-MSMail-Priority: Normal
| X-Newsreader: Microsoft Outlook Express 6.00.2900.3028
| X-RFC2646: Format=Flowed; Original
| X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.3028
| Message-ID: <efxvGsLZHHA.3968@xxxxxxxxxxxxxxxxxxxx>
| Newsgroups: microsoft.public.windows.server.sbs
| NNTP-Posting-Host: post.modburygroup.co.uk 82.152.16.178
| Path: TK2MSFTNGHUB02.phx.gbl!TK2MSFTNGP01.phx.gbl!TK2MSFTNGP06.phx.gbl
| Xref: TK2MSFTNGHUB02.phx.gbl microsoft.public.windows.server.sbs:22323
| X-Tomcat-NG: microsoft.public.windows.server.sbs
|
| Hi, i need to set up some laptops which will be used by users who are
very
| rarely in our offices.
|
| I will be installing specific software such as Office, and some other
| utilities onto the machines, and although I want them to be able to
access
| these installed programmes, I was them to be able to download Updates
etc.,
| and to run the AV software.
| I do NOT want them to be able to alter the configuration of the software.
|
| They will need to be able to create delete and modify folders - I just
dont
| want them to be able to install their own stuff.
|
| I need them to be able to vpn onto our SBS2003 server so that they can
| access their Exchange mailbox, and I want them to be able to have access
to
| OWA
|
| My question is what rights do I need to give them so that I stop them
| fiddling with the machines and adding bits and pieces of their own
software,
| but allow them to do their normal work.
|
| Thanks
| John
|
|
|

.

Relevant Pages

  • RE: trouble installing companyweb
    ... gone ahead and patched the server before continuing with step 13 of KB884453. ... sbs components that I could, ... install any 3rd-party software before you finish the installation. ... For the failed intranet component ...
    (microsoft.public.windows.server.sbs)
  • RE: Monitoring and Reporting
    ... I understand that you unable to get SBS ... monitoring report after you install Windows server 2003 sp2. ... To successfully install SBS 2003 SP1, ... Downloading and Installing Windows Small Business Server 2003 Service Pack 1 ...
    (microsoft.public.windows.server.sbs)
  • RE: SBS 2003 R2 - Please Help
    ... computers be slow after you install the full SBS 2003 R2 components. ... log on slow is probably refer to incorrect DNS ... as the DNS server on the clients rather than the ISP DNS servers. ...
    (microsoft.public.windows.server.sbs)
  • RE: Sharepoint Service, company web reinstallation
    ... Welcome to SBS newsgroup. ... I understand that you want to reinstall the companyweb on your SBS 2003 ... Business Server 2003 (If you are in the middle of RC to RTM upgrade, ... If AV software install any extra IIS virtual directory, ...
    (microsoft.public.windows.server.sbs)
  • Re: SBS 2003 Fax Sharepoint Routing
    ... Business Server 2003 and click "Change/Remove", ... If the Fax Services component was original installed by using the SBS ... Install fro the Fax Server component. ... And then we should push the shared fax client application from server to ...
    (microsoft.public.windows.server.sbs)
Quantcast