1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Setting Permissions, Lock Down!!

Discussion in 'Networks' started by Fluid, Jul 18, 2007.

  1. Fluid

    Fluid Byte Poster

    Right thanks for the help guys, managed to network 2 laptops (vista) to my pc (xp home) and i can share files and print which is great. Now i want to step it up a bit. I want to administrate a lock down on the 2 computers by blocking certain ports, and not giving them access to certain features such as right clicking on desktop, when they right click a box pops up prompting them for a password, not being able to right click on my comptuer, install or uninstall any software without a password. Just stuff like that really, what would i need to do this and how would i go about doing something like this?

    Thank you!
  2. Fergal1982

    Fergal1982 Petabyte Poster

    Cant you use windows firewall to lock down ports?

    As for not being able to install/uninstall programs, just make them a member of the users group, not admins. It wont prevent them downloading and running plain exe's but it will stop them installing (most) applications.

    I dont believe you can stop users from getting the context menu on the desktop. I think its just something they get - you can administer the policy on the machine to prevent them from changing certain things I believe though. Again, the same goes for the context menu on My Computer.
    Certifications: ITIL Foundation; MCTS: Visual Studio Team Foundation Server 2010, Administration
    WIP: None at present
  3. Fluid

    Fluid Byte Poster

    It's possible to do all does things amte, they are done all the time at work places, libraries, colleges, univeristy and schools!
  4. Fluid

    Fluid Byte Poster

    Also looking ports, i dont think you can actually use windows firewall to do this, i didnt even think you could do it. I know on most networks you would have to do it from your router, but here's the problem, if i block these ports from the rotuer, which i can do easily. I only want to block certain ports on two computers and then leave them open on the other two, by using the router to do this.. it would surely block the ports on all four instead of two right?
  5. Sparky
    Highly Decorated Member Award

    Sparky Zettabyte Poster Moderator

    Ok, you can lock down the PC to stop peeps installing software by using the security groups as Fergal has mentioned. Also look at the local group policy (click Start, click Run, type gpedit.msc) and see if this can give you more options.

    To lock down ports go into Windows firewall and then click the exceptions tab. In there click ‘add ports’ and then you can add a TCP\UDP port or port range.
    Certifications: MSc MCSE MCSA:M MCSA:S MCITP:EA MCTS(x5) Security+ Network+ A+
    WIP: Exchange 2007\2010
  6. Fluid

    Fluid Byte Poster

    gpedit.msc does not work....
  7. Stoney

    Stoney Megabyte Poster

    Use run > mmc then add the Group Policy editor snap in.

    I can't remember if a workgroup pc has group policy's on it. But you can edit the local security policy.

    You may have to create a policy and copy it to a flash drive then apply it to each pc.
    Certifications: 25 + 50 metre front crawl
    WIP: MCSA - Exam 70-270
  8. MacAllan

    MacAllan Byte Poster

    Certifications: A+, N+, CCNA
    WIP: CCNP, Linux+
  9. Fluid

    Fluid Byte Poster

    Thanks lads!

Share This Page