TechSpot

Server 2008 and local logon

  1. New guy here,

    We have a server 2008 R2 (32) which is a domain controller, we recently switched from open storage (6 raid-5 drives in the server) to closed storage (removing the drive) every night. I do not want staff pulling the power on a domain controller every night to remove the drives, so I looked in the GPO "log on locally' and 'allow shut down'.

    This works, however, the temptation is there to 'look around', see what we can see, etc.

    Is there a way, either a security setting or a batch file that staff without admin right can log onto a server, down the server correctly, but not open windows explore.

    I am thinking some way to write a script "IF logon server = \\DCSERVER then noaccess browsing" something like that, that is your are not an admin, and log onto a server, your Windows Explorer rights are limited.

    Thanks.

    b
     
  2. b.15101r.14944a

    b.15101r.14944a TS Rookie Topic Starter

    Ok, after thinking about this, not using a script but a local policy to "hide the C: drive"

    Is there a way assign a server local group to have the C: drive hidden from them?

    b.
     
  3. St1ckM4n

    St1ckM4n TS Evangelist Posts: 3,469   +622

    I think you're looking at the wrong end of the problem. In what way is removing a non-hot-plug drive from the server every night a good idea?
     
  4. b.15101r.14944a

    b.15101r.14944a TS Rookie Topic Starter

    When your customer ask you to and the tech staff stops questioning the question and follows orders. I thought this site had professional tech's? All I am hearing is challenging debates about what is asked of them
     
  5. St1ckM4n

    St1ckM4n TS Evangelist Posts: 3,469   +622

    I'm pretty sure you can allow shutdown commands to standard users. Then just set everything on the computer to only be read by administrators.

    Anyway, it all seems pretty silly if you have no idea how to do this stuff, and you're following the directions of a customer who seriously has no idea. Do everything at your own risk, cos it sounds like a cluster waiting to happen.
     


Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...


Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.