Evaluate Weigh the pros and cons of technologies, products and projects you are considering.

How can I restrict individual users from accessing admin tools?

I am working on a Windows 2000 server domain and am relatively new to group policy.

I set up a company with remote access via VPN/Terminal Server so that one particular employee can work from home. She dials into the server (she is on Windows XP Professional) to work in an Access database that is running on the server.

All is fine. However, when she goes to Settings- > Control Panel, she can see all the admin tools. So I went into the group policy for the local machine and found the piece that allows me to turn off access to the Control Panel or parts of it. When I turn off access to the admin tools, she can't see them anymore. That's great. However, no one else can, including me as the administrator. So, I was wondering how to apply that particular policy (or any policy for that matter) to either a particular person or group.
You need to set this policy for the user, not for the terminal server. Configure the policy for the user's organizational unit (OU) (the relevant setting is in User Configuration -> Administrative Templates -> Control Panel), and you should be able to turn it off for the members of that OU without affecting you.

Dig Deeper on Windows client management

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.