W2K3 Terminal Server (sp1) clients and security

G

Guest

Clients can not see local printers even though option for drives and printers
are ticked. The local drives are visible though. Printers are lpt /usb and
network. 2ndly, users can see the system drive (c:\) and all applications.
How do I restrict to E: drive only and maybe one application only for all
users except administrators (all).
 
V

Vera Noest [MVP]

Printers:
check the EventLog on the server to see if redirection is attempted
at all. If you see *no* events regarding printer driver creation,
check the settings on the TS (TS Configuration - rdp-tcp connection
- properties - client settings).
If you see warnings and errors about a missing printer driver, map
the client printers to a native driver.
If you see other warnings and errors in the EventLog, post them
here.

239088 - Windows 2000 Terminal Services Server Logs Events 1111,
1105, and 1106
http://support.microsoft.com/?kbid=239088

Restrict drives: use a Group Policy to hide the drives on the TS.
Note that hiding drives is just a cosmetic feature, users will
still have access to those drives, so you will need to use NTFS
permissions on the file system as well to lock your server down.

231289 - Using Group Policy Objects to Hide Specified Drives in My
Computer for Windows 2000
http://support.microsoft.com/?kbid=231289

Locking Down Windows Server 2003 Terminal Server Sessions
http://www.microsoft.com/technet/prodtechnol/windowsserver2003/tech
nologies/terminal/trmlckd.mspx
_________________________________________________________
Vera Noest
MCSE, CCEA, Microsoft MVP - Terminal Server
TS troubleshooting: http://ts.veranoest.net
___ please respond in newsgroup, NOT by private email ___
 
G

Guest

Thanks for the reply. Drives hidden and also using NTFS permissions. Many
Thanks...Still have problems with printing. TS Svr has no events for
printing. TS configuration has 'enabled' client settings for
printers/drives/default to client main printer. Client XPP also has local
disk drive and printer 'enabled'. Please assist soones. Kind Regards.
 
V

Vera Noest [MVP]

If the EventLog shows *no* events regarding printers, it seems that
printer redirection is not attempted at all.

Ambi, can you check if these printers use a custom port on the
client, like DOT4? If so, check this:

302361 - Printers That Use Ports That Do Not Begin With COM, LPT,
or USB Are Not Redirected in a Remote Desktop or Terminal Services
Session
http://support.microsoft.com/?kbid=302361
_________________________________________________________
Vera Noest
MCSE, CCEA, Microsoft MVP - Terminal Server
TS troubleshooting: http://ts.veranoest.net
___ please respond in newsgroup, NOT by private email ___
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Terminal server printing problem 2
Printer problem using terminal services 5
default (client) printer on terminal server 1
how to redirect a client drive in terminal services ( Windows 2000 Server) 1
printer sharenames change by themselves 2
All Server Printers missing in Client Session 1
client printer autoconfigure 1
Terminal Server Resetting client default printer!!! 1

Top