I am working on a Windows 2000 server domain and am relatively new to group policy.
I set up a company with remote access via VPN/Terminal Server so that one particular employee can work from home. She dials into the server (she is on Windows XP Professional) to work in an Access database that is running on the server.
All is fine. However, when she goes to Settings- > Control Panel, she can see all the admin tools. So I went into the group policy for the local machine and found the piece that allows me to turn off access to the Control Panel or parts of it. When I turn off access to the admin tools, she can't see them anymore. That's great. However, no one else can, including me as the administrator. So, I was wondering how to apply that particular policy (or any policy for that matter) to either a particular person or group.
You need to set this policy for the user, not for the terminal server. Configure the policy for the user's organizational unit (OU) (the relevant setting is in User Configuration -> Administrative Templates -> Control Panel), and you should be able to turn it off for the members of that OU without affecting you.
Related Q&A from Christa Anderson
Expert Christa Anderson advises how to map images on a network share for user on a terminal server.continue reading
Expert Christa Anderson offers some ideas for monitoring who is connecting to a terminal server, and when they are connecting.continue reading
Expert Christa Anderson explains why it isn't possible to allow drive mapping with Windows 2000 Terminal Services.continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.