P
pjp
New install of XP Pro by a 20+ year programmer that's more or less a pc
"guru" but have never had longterm exposure to network concerns except at
the application coding level, e.g. how to connect in code etc.
I run a small ethernet inside my home with this pc running XP (now but will
retain dual-boot back to 98SE for foreseeable future) and my wife and kids
each with their own pc.
I'm not concerned or seeking information about "ethernet security" as I
think I have a handle on that. I'm looking for insight into the multipule
accounts I have setup under XP (never bothered under 98) so I can allow the
other members of my family, friends etc.to use this pc (which has the
"fancy" hardware attached, e.g. video capture, dvd player, webcam, scanner,
3daccel games) but under restricted conditions.
Everything seems to be centered around "Groups", e.g. I have the Admin
account, one for each of my kids (users) and wife (power user), myself
(Admin) and as well as the Guest account all setup. I'd like to concentrate
on the Guest account and what I'd like for that Guest account. I'm willing
to create a "Group" for every user if that's what it takes. Here's what I
have imagined for the Guest account ...
Just icons I choose on desktop are "runable". No right click menu for any
icon (including taskbar, trayicons and start menu), no anything in the start
menu of any sort except the Log Off button. No special key combo's to invoke
pop-up dialogs etc. of any sort. No ability to "Browse" anywhere from within
any "Open/Save" option (e.g. they're at root of drive with no other
drives/folders available) within any program I do allow them to run. No
ability to change any IE settings and certainly not the ability to install,
run or save to disk any "anything" off the net (e.g. ActiveX controls etc.
included).
I know I'm new to this but I don't seem to be able to find anyway to
indicate "this user" and then specify "can do this" and "not this". I'm
finding it difficult that things seem to propagate across "Groups". The
Group Policy Editor etc. all seem to make sense but I'll be damned if I can
infer from what I've tried so far to accomplish what I want.
Any suggestions, how to's etc. appreciated, including I don't mind reading
so url's welcome.
"guru" but have never had longterm exposure to network concerns except at
the application coding level, e.g. how to connect in code etc.
I run a small ethernet inside my home with this pc running XP (now but will
retain dual-boot back to 98SE for foreseeable future) and my wife and kids
each with their own pc.
I'm not concerned or seeking information about "ethernet security" as I
think I have a handle on that. I'm looking for insight into the multipule
accounts I have setup under XP (never bothered under 98) so I can allow the
other members of my family, friends etc.to use this pc (which has the
"fancy" hardware attached, e.g. video capture, dvd player, webcam, scanner,
3daccel games) but under restricted conditions.
Everything seems to be centered around "Groups", e.g. I have the Admin
account, one for each of my kids (users) and wife (power user), myself
(Admin) and as well as the Guest account all setup. I'd like to concentrate
on the Guest account and what I'd like for that Guest account. I'm willing
to create a "Group" for every user if that's what it takes. Here's what I
have imagined for the Guest account ...
Just icons I choose on desktop are "runable". No right click menu for any
icon (including taskbar, trayicons and start menu), no anything in the start
menu of any sort except the Log Off button. No special key combo's to invoke
pop-up dialogs etc. of any sort. No ability to "Browse" anywhere from within
any "Open/Save" option (e.g. they're at root of drive with no other
drives/folders available) within any program I do allow them to run. No
ability to change any IE settings and certainly not the ability to install,
run or save to disk any "anything" off the net (e.g. ActiveX controls etc.
included).
I know I'm new to this but I don't seem to be able to find anyway to
indicate "this user" and then specify "can do this" and "not this". I'm
finding it difficult that things seem to propagate across "Groups". The
Group Policy Editor etc. all seem to make sense but I'll be damned if I can
infer from what I've tried so far to accomplish what I want.
Any suggestions, how to's etc. appreciated, including I don't mind reading
so url's welcome.