Implementing Security Policies

[Jason]

I will be setting up a small network with a few computers
that will be used as public terminals. These computers
will have access to the internet. I would like to setup
controls on each of these to limit the users access to the
computer and control panels. Would anyone have any
recommendations on programs to use in order to do this?

- Jason

 

[Steven L Umbach]

If users do not need to store files on the hard drive and the computers will
not need to share files or be managed remotely, consider letting the users
use the guest account and uninstall file and print sharing. The guest
account does not store a profile when a guest logs off. You would also need
to change ntfs permissions on the drive/root folder so that the everyone
group has just list/read/execute permissions.

If the guest account would not work, I would still make changes o the
drive/root folder for ntfs. Then you can use gpedit.msc to invoke local
Group Policy and lock down the computer with appropriate settings there,
keeping in mind that by default local Group Policy settings affect ALL users
on a computer, including administrator [you should also do this if you use
guest account]. An administrator could still manage computer remotely if
file and print sharing is enabled or filter himself from the local user
policies by giving himself deny ntfs permissions on the
\winnt\system32\group policy\user folder. --- Steve

 

[Guest]

Jason:

If you could describe your network configuration in a
little more detail, I might have some helpful suggestions
for you.