bulletThe ID Security Suite News Archive is being updated on regular basis, so please check in from time to time for up to date articles on PC Security issues.

lock windows server 2008

Windows 2008 ServerYou can use Group Policies to lock down a Terminal Server session on a Microsoft Windows Server 2008-based or Microsoft Windows 2000-based computer. With the following settings, even the administrator account will have restricted access. It is highly recommended that you create a new organizational unit instead of modifying the policies on an existing one.

Note: The use of these policies does not guarantee a secure computer, and you should use them only as a guideline. ID Security Suite offers you also a usb lock, device lock and folder lock solution.

The Dsacls.exe tool
Dsacls.exe is a command-line tool that you can use to query the security attributes and to change permissions and security attributes of Active Directory objects. It is the command-line equivalent of the Security tab in the Windows Active Directory snap-in tools such as Active Directory Users and Computers and Active Directory Sites and Services. You can use Dsacls.exe to lock out Terminal Services end-users from files and folders on a Windows Server 2003-based computer or a Microsoft Windows 2000-based computer.

Check also the article: How to use Dsacls.exe in Windows Server 2003 and Windows 2000 and the attached PDF document to this post.