Jump to content

Remove Desktop from Open/Save dialogs

Guest DLecool

By Guest DLecool
in Windows NT Server

 Share

Recommended Posts

Guest DLecool

Guest DLecool

Posted
Posted

Terminal Server 2k3 is running in application mode, i.e. an application is

launched upon logon and user has no access to desktop. Server drives are

hidden via GPO, however when the user tries to save or open files he can

still store files on the Desktop. Can that be removed so the only place a

user can save/load files from are his mapped drives i.e. his machine and

nowhere else?

 

Thanks!

  • Replies 3
  • Created
  • Last Reply

Popular Days

Popular Days

Guest Vera Noest [MVP]

Guest Vera Noest [MVP]

Posted
Posted

Re: Remove Desktop from Open/Save dialogs

 

Hiding drives is only a cosmetic feature, not a security feature. And

as you have noticed, your users will still be able to get to the

desktop and the local file system in many ways, the "Open file..." or

"Save file..." dialog box in many applications is just one method.

If you want to limit where users can save files, you should use NTFS

permissions.

In your case, you could use a GPO with Folder redirection and define

a customized desktop for all users. You can make this customized

Desktop folder ReadOnly.

_________________________________________________________

Vera Noest

MCSE, CCEA, Microsoft MVP - Terminal Server

TS troubleshooting: http://ts.veranoest.net

___ please respond in newsgroup, NOT by private email ___

 

=?Utf-8?B?RExlY29vbA==?= <DLecool@discussions.microsoft.com> wrote

on 14 sep 2007 in microsoft.public.windows.terminal_services:

> Terminal Server 2k3 is running in application mode, i.e. an

> application is launched upon logon and user has no access to

> desktop. Server drives are hidden via GPO, however when the user

> tries to save or open files he can still store files on the

> Desktop. Can that be removed so the only place a user can

> save/load files from are his mapped drives i.e. his machine and

> nowhere else?

>

> Thanks!

Guest DLecool

Guest DLecool

Posted
Posted

Re: Remove Desktop from Open/Save dialogs

 

Thanks! I did just that and it worked beautifully.

 

"Vera Noest [MVP]" wrote:

> Hiding drives is only a cosmetic feature, not a security feature. And

> as you have noticed, your users will still be able to get to the

> desktop and the local file system in many ways, the "Open file..." or

> "Save file..." dialog box in many applications is just one method.

> If you want to limit where users can save files, you should use NTFS

> permissions.

> In your case, you could use a GPO with Folder redirection and define

> a customized desktop for all users. You can make this customized

> Desktop folder ReadOnly.

> _________________________________________________________

> Vera Noest

> MCSE, CCEA, Microsoft MVP - Terminal Server

> TS troubleshooting: http://ts.veranoest.net

> ___ please respond in newsgroup, NOT by private email ___

>

> =?Utf-8?B?RExlY29vbA==?= <DLecool@discussions.microsoft.com> wrote

> on 14 sep 2007 in microsoft.public.windows.terminal_services:

>

> > Terminal Server 2k3 is running in application mode, i.e. an

> > application is launched upon logon and user has no access to

> > desktop. Server drives are hidden via GPO, however when the user

> > tries to save or open files he can still store files on the

> > Desktop. Can that be removed so the only place a user can

> > save/load files from are his mapped drives i.e. his machine and

> > nowhere else?

> >

> > Thanks!

>

Guest Vera Noest [MVP]

Guest Vera Noest [MVP]

Posted
Posted

Re: Remove Desktop from Open/Save dialogs

 

You're welcome. I'm glad that your problem is solved, and thanks

for reporting the results back here!

_________________________________________________________

Vera Noest

MCSE, CCEA, Microsoft MVP - Terminal Server

TS troubleshooting: http://ts.veranoest.net

___ please respond in newsgroup, NOT by private email ___

 

=?Utf-8?B?RExlY29vbA==?= <DLecool@discussions.microsoft.com> wrote

on 14 sep 2007 in microsoft.public.windows.terminal_services:

> Thanks! I did just that and it worked beautifully.

>

> "Vera Noest [MVP]" wrote:

>

>> Hiding drives is only a cosmetic feature, not a security

>> feature. And as you have noticed, your users will still be able

>> to get to the desktop and the local file system in many ways,

>> the "Open file..." or "Save file..." dialog box in many

>> applications is just one method. If you want to limit where

>> users can save files, you should use NTFS permissions.

>> In your case, you could use a GPO with Folder redirection and

>> define a customized desktop for all users. You can make this

>> customized Desktop folder ReadOnly.

>> _________________________________________________________

>> Vera Noest

>> MCSE, CCEA, Microsoft MVP - Terminal Server

>> TS troubleshooting: http://ts.veranoest.net

>> ___ please respond in newsgroup, NOT by private email ___

>>

>> =?Utf-8?B?RExlY29vbA==?= <DLecool@discussions.microsoft.com>

>> wrote on 14 sep 2007 in

>> microsoft.public.windows.terminal_services:

>>

>> > Terminal Server 2k3 is running in application mode, i.e. an

>> > application is launched upon logon and user has no access to

>> > desktop. Server drives are hidden via GPO, however when the

>> > user tries to save or open files he can still store files on

>> > the Desktop. Can that be removed so the only place a user can

>> > save/load files from are his mapped drives i.e. his machine

>> > and nowhere else?

>> >

>> > Thanks!

 Share
Go to topic listing
×
×
  • Create New...