Security question 1

[KeyTech]

Hi,
We have a couple of NT4 machines that we use for training people in AutoCAD apps. These all log on to our domain with a username and password.
What we also want to do now is to have these PC's as 'swapout' machines. That is, if a client has a pc that needs repairing, we can take it back to our office for repair and send out our swapout machines.
As these are being used as cad workstations also, when they are being swapped out, we dont want people using that cad apps. How can we deny access to the apps when they are swapped on site, weather they are logged on to their domain or just stand alone etc.

Will it work if I give NO ACCESS to the location of the exe/app's to everyone...and allow only my domain users? Will that work seing as they have FAT partitions?

thanks. Jay~

My new Tae Kwon Do website is up and running!!

http://www.airport-tkd.com

~KeyTech

 

[jaeddy]

With FAT partitions you have no local security options at all, only with NTFS can you set security on files and folders for users logged on to that machine.

Also, even if you were using NTFS, setting NO ACCESS to the Everyone group would lock everyone out regardless of what other security settings existed- in NTFS an explicit denial of access overrrides any other permissions that might exist.

What you could do would be to first convert to NTFS, then add full control access to the Admin/Domain Admin group. Next remove permissions for all other groups, then add read/write/execute permissions to your domain users (or whatever group you use for training purposes). In this case, anyone who lacks explicit permission to the files won't be able to access them.

 

[KeyTech]

Thank Jeddy I'll try that, I can experment with the drives etc as I have only just reformatted them... Jay~

My new Tae Kwon Do website is up and running!!

http://www.airport-tkd.com

~KeyTech