2

I've got what may very well be an amazingly simple question (or not). Basically at the office we're using RDC and LOGMEIN-CENTRAL to manage access to computers. This allows branch offices access to internal machines. There is one machine in particular that we need to lock down and allow folks to access but give them no local permissions. Basically anyone logging in to this machine will have internet access, and the ability to grab files from that one machine alone, but absolutely no other network privileges at all (i.e. can't see other local machines, printers etc). There is no domain server, LDAP, etc -- simply XP machines in a workgroup.

So I'm wondering, how exactly do I so something even remotely similar to this? Can I simply remove something like "Client for Microsoft Networks", or does XP have some sort of Group Policy I can edit?

Best.

humble_coder
  • 533
  • 2
  • 6
  • 14

1 Answers1

1

If you want to keep users from both seeing and accessing network resources you can do the following:

  1. Disable or uninstall "Client for Microsoft Networks" in the properties of the NIC

  2. Disable or uninstall "File and Printer Sharing for Microsoft Networks" in the properties of the NIC

  3. Stop and disable the Server and Workstation services

joeqwerty
  • 108,377
  • 6
  • 80
  • 171
  • Gotcha. I'll do that as a last resort. Are there any ways to control permissions on a per-user basis? – humble_coder Feb 22 '10 at 17:32
  • Could you be more specific? What and how do you want to control things? In your question you asked how to prevent users from accessing network resources and my answer answers that. Do you mean that you want to grant some users access to network resources and not others? All of the computers are in a workgroup not a domain? Things could get complicated fairly quickly depending on exactly what you're trying to achieve. – joeqwerty Feb 22 '10 at 18:21
  • Well, I was hoping for a solution to micro-manage each login. It's not required, but I figured I'd get a holistic solution as opposed to the first then be asked for the other. – humble_coder Feb 22 '10 at 19:36