Security settings while on Domain vs. Term. Services

[toyota_t100]

Hello,

One of our users is getting a new laptop (XP tablet PC
edition) whose old laptop had WinME. The user used to
log directly on to our domain (Windows 2000) while at the
facility for half the week, and also logged on via
Terminal Services on a dial-up connection while traveling
the rest of the time. The login info has been the same
for both environments. The Terminal Services session is
incredibly locked down and only 2 programs are allowed (a
database program and Outlook). The organizational unit
security settings had no affect on the user when logged
in onto the network directly while at the facility
becuase WinME isn't affected by it.

However, now that the user has a new XP machine, the
security settings implemented in the organizational unit
ARE affecting and restricting the user's login straight
onto the domain while in the office.

What can I do to retain the same login information, but
keep the environments different? I don't want to remove
all the restrictions on the Terminal Services session
becuase the user is logging on to the server (obviously)
and I don't want them accidentally doing something
wrong.

Thanks for your help!

Shawn

 

[Malke]

Hello,

One of our users is getting a new laptop (XP tablet PC
edition) whose old laptop had WinME. The user used to
log directly on to our domain (Windows 2000) while at the
facility for half the week, and also logged on via
Terminal Services on a dial-up connection while traveling
the rest of the time. The login info has been the same
for both environments. The Terminal Services session is
incredibly locked down and only 2 programs are allowed (a
database program and Outlook). The organizational unit
security settings had no affect on the user when logged
in onto the network directly while at the facility
becuase WinME isn't affected by it.

However, now that the user has a new XP machine, the
security settings implemented in the organizational unit
ARE affecting and restricting the user's login straight
onto the domain while in the office.

What can I do to retain the same login information, but
keep the environments different? I don't want to remove
all the restrictions on the Terminal Services session
becuase the user is logging on to the server (obviously)
and I don't want them accidentally doing something
wrong.

Hi, Shawn. Is Windows XP *Pro* installed on the Tablet? Home cannot join
a domain, so that might be part of the problem.

Malke

 

[Guest]

It's XP tablet PC edition which as far as I know only
comes in the XP Pro edition flavor. Either way, it's XP
Pro becuase I've already set it up to connect to the
domain in the network properties.

Thanks,

Shawn

 

[Malke]

It's XP tablet PC edition which as far as I know only
comes in the XP Pro edition flavor. Either way, it's XP
Pro becuase I've already set it up to connect to the
domain in the network properties.

Thanks,

Shawn

Drat. One always hopes the answer will be easy and obvious! ;-) I don't
have an answer for you, but perhaps posting in one of the Tablet groups
would be productive. Here's a link to a listing of all the MS
newsgroups:

http://aumha.org/nntp.htm

Good luck,

Malke