How to restrict users working on Windows 7 clients from accessing Windows Explorer and other systems in the network through Group Policy with a domain controller running on Windows Server 2008 r2

Similar Messages

• How to restrict users in separate OU's from seeing each others presence

  We have an Enterprise Lync 2010 server environment in place, and are using msRTCSIP-GroupingID to restrict address book lookups. We are now looking to restrict presence viewing to only user within the same OU. In other words it should not be possible
  to see the presence of a user outside of your own OU, unless that user allows it explicitly.
  It seems that the Multitenant pack for Lync can arrange that, but it's just not feasible to install that when you already have an active Lync environment in production. Is it possible to achieve this separation another way? Maybe with msRTCSIP-TenantId?
  (which is already available in our current schema)

  Hi,
  Using the GroupingID will completely separate the users into unique address books. But searching by SIP URI will always work and you cannot prevent the users from communicating with other Lync users in the same organization. If you want
  to restrict presence viewing to specific users, you can try ABS Configuration Tool.
  http://www.justin-morris.net/how-to-hide-users-from-the-lync-address-book/
  Note: Microsoft is providing this information as a convenience to you. The sites are not controlled by Microsoft. Microsoft cannot make any representations regarding the quality, safety, or suitability of any software or information found
  there. Please make sure that you completely understand the risk before retrieving any suggestions from the above link.
  Kent Huang
  TechNet Community Support

• How to test domain controller on upgraded Win Server 2008 R2

  The windows team recently upgraded the development environment for the domain controller from 2003 to Windows 2008 R2 and I am to test the Idm functionality on this upgraded version. Our current configuration is that the DC and Idm gateway runs on different machines. To test this new DC, i want to install the idm gateway on that server and run some onboarding and termination test cases just to make sure if the AD connection is working on the upgraded DC. But i am getting ’Input/output error’ when i try to install the service and from the documentation it says 'The most common cause of this is that you do not have rights to work with this service.'. The server admin tried installing the gateway with his id as well and it failed. He tested installing in on the 2003 version of DC and it worked, so its not a matter of permission (i think..)...
  Does anyone have any better idea on how to test an upgrade of a DC from version 2003 to 2008 R2? Any help in this matter is appreciated. We are running Idm 8.1 on a Windows platform and an upgrade to OW 8.1.1. Patch 2 is also in the works..
  Thanks in advance.

  I may have found a workaround. Can you try to change the "compatibility mode" in 2008 R2 to "Windows XP SP3" and see if it will install?
  Admittedly I have not done this myself so I'm not entirely sure where or how it's done, but I have confirmation it resolves the issue from others who have faced it.

• [Forum FAQ] How to sync time with a Domain Controller for a standalone server

  As we all known, if a computer belongs to an Active Directory domain, it will sync the time automatically by using the Windows Time service that is available on Domain Controllers.
  While a standalone server will synchronize with its local hardware time and Windows time server. (Figure 1)
  Figure 1.
  Under some circumstances, a standalone server is necessary in a product environment. We can sync the time of this standalone server with the Domain Controller using
  the steps below:
  1. Modified the value of the AnnounceFlags:
  HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time\Config
  Under this entry we can see the default value of AnnounceFlags is 10 (Decimal), we configure the value as 5 (Decimal). (Figure 2)
  Figure 2.
  2. Confirm the value of the registry key below is set to 0:
  HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time\TimeProviders\NtpServer 
  Figure 3.
  3. Configure the standalone server to synchronize with a specific time source (Domain Controller).
  In our test, we configured our Domain Controller (192.168.10.200) as the time source. Used the following commands:
  w32tm /config /syncfromflags:manual /manualpeerlist:192.168.10.200
  4. Sync the time with the Domain Controller using the command below:
  w32tm /config /update
  From the figure below (Figure 4), you can see the after we did all the steps above, the time on the standalone server was synced with the Domain Controller.
  Figure 4.
  (Note: Peerlist is a separated list of DNS servers, or IP Addresses for the time servers)
  More information:
  Windows Time Service Tools and Settings
  http://technet.microsoft.com/en-us/library/cc773263(WS.10).aspx#w2k3tr_times_tools_dyax
  Please click to vote if the post helps you. This can be beneficial to other community members reading the thread.

  Thank you for the instruction! I am sure it is one of the scenarios that majority of administrators will run into. So I suggest to write a wiki about it and publish it for this month's TechNet Guru in Windows Server section. This month's TechNet Guru can
  be found here:
  Calling All Wise Men! Windows
  Server Gurus Needed! Apply Within! No One Turned Away!
  Thanks for your informative post. :)
  Regards.
  Mahdi Tehrani   |  
    |  
  www.mahditehrani.ir
  Please click on Propose As Answer or to mark this post as
  and helpful for other people.
  This posting is provided AS-IS with no warranties, and confers no rights.
  How to query members of 'Local Administrators' group in all computers?

• How to find the roots of other system in the network

  With out using RMI can we find the other system drive information(the roots available) from local(my) system..?

  public class roots{
  public static void main(String args[]) throws Exception
  System.out.println("The Drives are:");
  File[] roots = File.listRoots ();
       for (int i = 0; i < roots.length; i ++) {
       System.out.println (roots);
  This displaying the local system roots. Here how can i implement remote-filesystem protocol such as SMB or NFS .?
  I am not aware of this implementation as i am beginner ...
  kindly help me

• How to restrict user to get values only from F4 in selection screen

  Hi All,
     We have given a Search hlep for a parameter  in selection screen of a report,but now we are facing a issue, whlile executing the report user entering the data directly into  field instead of  selecting from F4 help.
    Do anyone  know how to restric the user from entering the data directly.
  i have searched the fourm ,but not get any good tread.
  Regards
  CB
  Moderator Message: Search harder, because there are many threads that have discussed the same issue before.
  Edited by: kishan P on Dec 27, 2010 4:00 PM

  You cna check my reply here To enter the value by selecting values from the F4 help only.

• How can I use iCloud to receive emails from my GMail account and when I reply, the reply email shows the email in which it was sent to, not the @iCloud address?

  I have my GMail account forwarding my emails to my @iCloud.com account which I like, but when I reply, it shows my address as @iCloud.com instead of the email address that was originally addressed to. Anyway to have iCloud reply to emails using the email address in the original email?

  You can't use iCloud's outgoing server to send with anything other than the iCloud address as the 'From' address. On your Mac you can set Mail to use the GMail outgoing server with your iCloud account (but then you can just access your GMail there anyway, so there's little point). On the iCloud website you can't do this; there is no way of using your Gmail address.

• How can two users work on iMovie?  My husband is working on a memorial video for a family member who passed, I plan to edit but he had to take his computer to work.  I have the iMovie project on a zip drive.  How do I get it to open in my imovie?

  How can two users work on iMovie?  My husband is working on a memorial video for a family member who passed, I plan to edit but he had to take his computer to work.  I have the iMovie project on a zip drive.  How do I get it to open in my imovie? 

  You will need an external drive that is formatted as MAC OS EXTENDED (journaled).
  Move the Project, Events, and any photos and music to the external drive by following the instructions in this post.
  https://discussions.apple.com/docs/DOC-4141
  Be sure to use CONSOLIDATE MEDIA to get the photos and music. Then plug this drive into your computer and you will be able to edit.

• How to restrict user to change original file in word document.

  Hi experts,
  I am begineer in DMS. I am not able to understand how to restrict user to make any changes to a word document attached any DIR or any object link.
  Ex: I have a created a DIR attaching a word doc to equipment master.
  However, the user is still able to make changes to that word document usign CV03 tcode. I am sure most of you might have faced this problem. Please respond.
  We are using SAP 3.1i version. It is very old version.
  Thanks in advance,
  Kiran

  Kiran,
         The task that you have mentioned could be accomplished by setting up a status network for your document type. While setting up the status network, SAP has defined statuses which could potentially lock objects and fields corresponding to that status type.
  More information could be found at
  http://help.sap.com/erp2005_ehp_03/helpdata/EN/9f/857f3a1c7b11d294d200a0c92f024a/frameset.htm
  I am not aware of 3.0i but you can navigate to customisation --> Cross Application Components --> Document Management --> Control Data --> Define Document Types --> Click on a doc type and go to
  define doc status.
  Here if you define a document with status type S the object is essentially locked for editing.
  Sojan

• !!!How to restrict user for making  changes in Sales order , partner level

  Hi all,
  Can anybody tell me how to restrict user for making  changes in Sales order  at partner level, is it through user exit?

  Hi Ruchi
  I hope u had gone to the screen fields which u want them not to be editable. So there u select all the fields contents which u do not want to to be changed and check the boxes with W.content and Display and save it. Once evrything is done u have to activate the particular transcation going in to the standard variants and put the name and click the activate button.
  Hope its clear
  Reward if help ful
  Sri

• How To Restrict Users To Only Create Purchase Requisitions with Item Catalog?

  Hi, everyone 
  Please help me, 
  How To Restrict Users To Only Create Purchase Requisitions with Item Catalog? is it possible? 
  Regards,   Manuel

  Hi Steenie Norman
  First click on the text item ---> Tools ---> Property Pallete ---->
  and change the Keyboard State to Local Only also this Depend in your OS
  hope this useful ....
  Regards
  Mohammed

• How to restrict user access in Oracle Application Server 10g (9.0.4)?

  Can anybody please let me know how to restrict user access in 10g AS? To be specific, how to allow http requests from specific IPs only?

  Hi,
  You have to edit httpd.conf and modify acces rights for each protected directory
  e.g.
  <Directory /var/www/sub/payroll/>
  Order allow,deny
  Allow from 192.168.1.0/24
  </Directory>
  then you have to restart Oracle HTTP Server
  jm--

• How to restrict user at selection screen while executing in background mode

  hi all,
  how to restrict user at selection screen while executing in background mode
  Regards
  Deepak

  Hi,
  We can get the Program whether this is running in background or not then we need to use SY-BATCH, if the SY-BATCH is set to X then the program is running in Background,
  so in the INITIALIZATION event, you can use this SY-BATCH and check the User names, and give the error messsage which you want to restrict
  Regards
  Sudheer

• How to restrict user to post document segment wise/Profit center wise

  My client wants to restrict users segment wise to post account document.
  we use documnet splitting segment wise.
  Thanks
  Chinmaya.

  Hi
  Check with your BASIS guy if authorization object is available for the field SEGMENT... There are some issues yet with this because it is not available in some T codes
  If the same is not available, you can ask your ABAPer to create a Z authorization object for this field and write a small ABAP code in the exit RGGBR000 (FI validation)
  Sample code is attached below to check auth for Plant in Internal order...ZCO_INTPORD was the Z auth object created...
  CHECK i_aufk-bukrs  IS NOT INITIAL.
  CHECK i_aufk-werks  IS NOT INITIAL.
  AUTHORITY-CHECK OBJECT 'ZCO_INTORD'
           ID 'BUKRS' FIELD i_aufk-bukrs
           ID 'WERKS' FIELD i_aufk-werks
           ID 'ACTVT' DUMMY.
  IF sy-subrc = 4.
    MESSAGE e398(00) WITH 'You do not have sufficent Authorization'.
  ENDIF.
  Regards
  Ajay M

• How to restrict user to must enter value in compulsory fields

  Greetings !
  I had a personal information form. I want to restrict user to enter values in all fields e.g Compulsory fields (Username, D.O.B etc)
  how i restrict user to must enter value in Compulsory fields

  I created an example on apex.oracle.com
  http://apex.oracle.com/pls/apex/f?p=18686:1:0:::::
  like you see a red staric placed on ID it means it is complusory to enter because it is a primary key, i want this on every field or to restrict user to enter all data , if any field left blank it will give error "to Fill respective field ", but not on creation but on left blank (if user type ID e.g 12 and skip ename field and go on Job field it gives error to fill Ename first)