user configuration -> administrative templates -> windows components ->
windows explorer
2 different options:
Hide these specified drives in My Computer or Prevent access to drives from My Computer
out of curiosity, which GPO settings can be used to block access to the local drives ?************************************************
On 8/29/06, *Jon D* <rekcahpmip@xxxxxxxxx <mailto:rekcahpmip@xxxxxxxxx>> wrote:
Yeah I have GPOs in place to block access to the local drive, and I followed the MS TS best practice white papers. Is there anything else?
On 8/29/06, *Jeff Pitsch* <jepitsch@xxxxxxxxx
<mailto:jepitsch@xxxxxxxxx> > wrote:
you must ALWAYS treat published applications as if you were
publishing a desktop. Security by obscurity in TS is way to
easy to get around.
Jeff Pitsch Microsoft MVP - Terminal Server
Forums not enough? Get support from the experts at your business http://jeffpitschconsulting.com <http://jeffpitschconsulting.com/>
On 8/29/06, *Jon D* <rekcahpmip@xxxxxxxxx
<mailto:rekcahpmip@xxxxxxxxx>> wrote:
I'm thinking about publishing windows explorer on citrix
via the internet explorer like this:
"M:\Program Files\Internet Explorer\IEXPLORE.EXE" -e k:
Can anyone think of any potential issues, or reasons why
this would be a bad idea?
I tried to access the M: drive on the server through this
app, and even with domain admin rights, it doesn't seem to
allow you to do it, so I feel somewhat safe in regards to
that.... Not sure if I should feel safe, or if theres a
way around it.
Thanks in advance,
Jon
.
--
HBooGz:\>