showing posts tagged with 'lockdown'
by lunarg on July 2nd 2012, at 17:19
This article is a reference to a number of articles and links to provide information about how to succesfully lock down your Remote Desktop Server (2008R2) or Terminal Server (2003 / 2008). It is not a definite guide to how to perform a lock down, but will provide certain pointers, and highlight certain pitfalls. It is a work-in-progress and several additions will be made as the guide progresses.

You obviously need a Windows-domain running AD for lockdown to work properly. A standalone server running a local group policy can't be locked down enough to be useful. A domain is highly recommended.

Your DC or a member server (can be the RDS / TS as well) should have the Group Policy Mana  ...
by lunarg on July 2nd 2012, at 17:18
To always show the Computer icon on the desktop via GPO, there are several things to be set. Aside of the obvious setting in GPO, you also have to add a registry entry through GPP to automatically show the Computer icon on desktop.

In User Configuration, Preferences, Windows Settings, Registry, add a new entry. Whether you want to enforce or not, is up to you. Either choose create (only applied once), or Replace (always apply).

The value is a DWORD value in HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel, named {20D04FE0-3AEA-1069-A2D8-08002B30309D}. This is the CLSID for the Computer icon. Set it to 0 to have the icon shown on user's des  ...
by lunarg on July 2nd 2012, at 13:59
For the proper application of all parts of a GPO, including the Group Policy Preferences (GPP), you need to install the right client on your client computers. You can find a list of download links below.

Windows XP:

Windows XP x64:

Windows 2003:

Windows 2003 x64:

Windows Vista:

Windows Vista x64:

Starting from Vista SP2, you no longe  ...
showing posts tagged with 'lockdown'