If you are attempting to remotely manage a Microsoft Exchange 2003 environment but your current operating system is Windows 7, you may find it quite hard to locate the correct tool for the job as i found when i upgraded my computer. To save everyone’s time I’ve avoided linking to an existing download site, and have decided to host the tool myself. The link to the tool is located at the bottom of this post. Unfortunately these tools only work with Windows 7 x86 and to date there have not been any Windows 7 x64 tool released.
Archive for 22/03/2011
There are a couple of different ways of locking down the desktop on a windows operating systems but the one this guide will be focusing on it by way of permission passed enforcement via a GPO. With help from the image below, the following steps will help you achieve this lock down method:
1. Create a new GPO and link to an OU that the client computers are contain in
2. Edit the GPO and under Computer Configration > Windows Settings > Security Settings then File System, click right and select New
3. Within the file path enter %UserProfile%\Desktop this will automatically resolve the users profile name saving you from adding each users profile path manually.
4. Press OK and select remove all security groups and users from the permissions menu and add the user security group or names you want this restriction to apply to. Set the permissions for the group of user to only have Read access and also add an administrative group with full control.
5. Within the Security Policy Settings windows, select the option forReplace existing permissions on all subfolders then click OK. This is the policy now configured.
6. Return to the Group Policy Management Console and set the security settings of the policy to either Authenticated User for define the security group you want this policy to apply to.