Hello,
Can anyone tell me (or direct me to a KB article) how I
should setup a terminal server so that when a client logs
on, they are directed to a certain program or function
and can access NO other part of the OS or the programs
loaded on the server?

Thanks in advance!!

You can define a Starting application in the rdp-tcp Connection
Configuration, or in a Group Policy. That means that users will
automatically launch that application on connection and never see
the desktop. When the end the application, there session is ended.

Good as this sounds, you would still need to take some other
security arrangements. It is fairly easy to start explorer, a
command window or whatever program you like from within almost any
program.

Also there, policies are your best friend, together with NTFS
security on the file system.

186566 - Connection Configuration in Terminal Server
http://support.microsoft.com/?kbid=186566

278295 - How to Lock Down a Windows 2000 Terminal Services Session
http://support.microsoft.com/?kbid=278295

260370 - How to Apply Group Policy Objects to Terminal Services
Servers
http://support.microsoft.com/?kbid=260370

231287 - Loopback Processing of Group Policy
http://support.microsoft.com/?kbid=231287

--
Vera Noest
MCSE, CCEA, Microsoft MVP - Terminal Server
http://hem.fyristorg.com/vera/IT
--- please respond in newsgroup ---

"Neil" <(E-Mail Removed)> wrote in news:0da501c3d60b
$9ff7fe40$(E-Mail Removed):

> Hello,
> Can anyone tell me (or direct me to a KB article) how I
> should setup a terminal server so that when a client logs
> on, they are directed to a certain program or function
> and can access NO other part of the OS or the programs
> loaded on the server?
>
> Thanks in advance!!

I will give it a try.

Thanks alot Vera!!
>-----Original Message-----
>You can define a Starting application in the rdp-tcp
Connection
>Configuration, or in a Group Policy. That means that
users will
>automatically launch that application on connection and
never see
>the desktop. When the end the application, there session
is ended.
>
>Good as this sounds, you would still need to take some
other
>security arrangements. It is fairly easy to start
explorer, a
>command window or whatever program you like from within
almost any
>program.
>
>Also there, policies are your best friend, together with
NTFS
>security on the file system.
>
>186566 - Connection Configuration in Terminal Server
>http://support.microsoft.com/?kbid=186566
>
>278295 - How to Lock Down a Windows 2000 Terminal
Services Session
>http://support.microsoft.com/?kbid=278295
>
>260370 - How to Apply Group Policy Objects to Terminal
Services
>Servers
>http://support.microsoft.com/?kbid=260370
>
>231287 - Loopback Processing of Group Policy
>http://support.microsoft.com/?kbid=231287
>
> --
>Vera Noest
>MCSE, CCEA, Microsoft MVP - Terminal Server
>http://hem.fyristorg.com/vera/IT
> --- please respond in newsgroup ---
>
>"Neil" <(E-Mail Removed)> wrote in
news:0da501c3d60b
>$9ff7fe40$(E-Mail Removed):
>
>> Hello,
>> Can anyone tell me (or direct me to a KB article) how
I
>> should setup a terminal server so that when a client
logs
>> on, they are directed to a certain program or function
>> and can access NO other part of the OS or the programs
>> loaded on the server?
>>
>> Thanks in advance!!
>.
>