[THIN] Re: OT: GPO policy
- From: "Joe Shonk" <JShonk@xxxxxxxxxxxxxx>
- To: <thin@xxxxxxxxxxxxx>
- Date: Tue, 8 Apr 2003 15:17:49 -0700
They did really remove it from Win 9x. The Windows 2000 OS came from =
the NT lineage. The Win 9x OS came from another lineage. About the =
only this that is similar is the GUI and the Win32 APIs.
Joe
-----Original Message-----
From: Chris Lynch [mailto:lynch00@xxxxxxx]
Sent: Tuesday, April 08, 2003 3:05 PM
To: thin@xxxxxxxxxxxxx
Subject: [THIN] Re: OT: GPO policy
=3D20
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Thanks for your reply and suggestion. That's a little more than I
wanted to do. I hate the fact that Microsoft has removed this hack
technique, as it was available in Windows 9x.
Chris
- -----Original Message-----
From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On
Behalf Of Mack, Rick
Sent: Tuesday, April 08, 2003 2:23 PM
To: 'thin@xxxxxxxxxxxxx'
Subject: [THIN] Re: OT: GPO policy
Hi Jim,
Deleting the profile using the System applet does a few other things.
First it checks to see if the profile is being used. Then if you
delete the profile, it also deletes the appropriate SID entry under
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Profilelist.
On controlling the properties tab, I haven't done this but it looks
like a number of different DLLs are used (try running "control
sysdm.cpl" with filemon and regmon running). There's no reason at all
why you couldn't use a tool like reshacker to modify the appropriate
DLL to remove some functionality. Then have 2 copies of the DLL in
the search path, a crippled one for plebs, and a fully functional one
for the "real" admiinstrator.
Regards,
Rick
Ulrich Mack
rmack@xxxxxxxxxxxxxx
Volante Systems
18 Heussler Terrace, Milton 4064
Queensland Australia
tel +61 7 32467704
- -----Original Message-----
From: Jim Hathaway [mailto:JimH@xxxxxxxxxxxxxxx]=3D20
Sent: Wednesday, 9 April 2003 2:39 AM
To: thin@xxxxxxxxxxxxx
Subject: [THIN] Re: OT: GPO policy
If your citrix admins have browsing access to c:\documents and
settings
(win2k) or c:\winnt\profiles (TSE) they can delete any profiles
straight from there.=3D3D20
There is nothing special done in deleting the profiles from My
computer, that manually deleting the files from Explorer won't =
do.=3D3D20
They will (of course) not be able to determine if a profile is
roaming or local, or be able to quickly determine the last login
time, when using explorer.=3D3D20
Out of more curiosity . . :)=3D3D20
What kind of profiles are they deleting? Cached roaming copies that
aren't being removed properly?=3D3D20
What about scripting the removal of any cached profiles during a
nightly reboot? Be careful not to delete the default user profile or
the All user profiles with this process. But something that copies
all profiles out to a temp directory for the admin's to go through
(for any missed
files) and then wipes all cached copies after a reboot should help
clean this up.
Just a thought.
HTH
J
- -----Original Message-----
From: Chris Lynch [mailto:lynch00@xxxxxxx]=3D3D20
Sent: Tuesday April 08, 2003 9:20 AM
To: thin@xxxxxxxxxxxxx
Subject: [THIN] Re: OT: GPO policy
=3D3D3D20
- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Well, this policy is for Citrix Admins. I want them to be able to =3D
delete profiles, but not to change the computer name, unjoin from the =
=3D
domain, change the pagefile, etc. If there is a better way, I'm all =3D
ears.
Thanks,
Chris
- - -----Original Message-----
From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On =
=3D
Behalf Of Jim Hathaway
Sent: Tuesday, April 08, 2003 9:14 AM
To: thin@xxxxxxxxxxxxx
Subject: [THIN] Re: OT: GPO policy
Out of curiosity Chris, what kind of access do you need to provide =3D
someone with in the property tabs of My computer?
Is this something that you might be able to make a custom MMC applet for =
=3D
instead?
I personally haven't come across any policies that allow this kind of =
=3D
granular control in the property tabs of My computer. Generally, =3D
disabling the 'properties' tab for My computer is restriction enough.
J
- - -----Original Message-----
From: Chris Lynch [mailto:lynch00@xxxxxxx]=3D3D3D3D20
Sent: Tuesday April 08, 2003 8:58 AM
To: thin@xxxxxxxxxxxxx
Subject: [THIN] Re: OT: GPO policy
=3D3D3D3D3D20
- - -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Anyone?
- - - -----Original Message-----
From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On =
=3D
=3D3D =3D3D3D Behalf Of Chris Lynch
Sent: Monday, April 07, 2003 1:19 PM
To: TheThin. net
Subject: [THIN] OT: GPO policy
=3D3D3D3D3D3D20
- - - -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
I have a quick question. Does anyone have any templates or know of the =
=3D
=3D3D3D =3D3D3D3D3D =3D3D3D3D3D3D code to add in a policy to hide =
specific =3D
tabs in the =3D3D =3D3D3D Properties of =3D3D3D3D =3D3D3D3D3D My =
=3D3D3D3D3D3D =3D
Computer?
Thanks,
Chris
- - - -----BEGIN PGP SIGNATURE-----
Version: PGP 8.0
Comment: Public PGP key for Chris Lynch
iQA/AwUBPpHdKW9fg+xq5T3MEQLUNACg526gXsHg91OQtCYU5LehMuIfhwYAnjMo
MGq8/bLarwGj2pOiB7bpLP/X
=3D3D3D3D3D3D3DOSVp
- - - -----END PGP SIGNATURE-----
********************************************************
This Week's Sponsor - ThinPrint
Simply the best print solution for
Microsoft Terminal Services=3D3D3D3D3D20
and Citrix Metaframe.
http://www.thinprint.com/
**********************************************************
For Archives, to Unsubscribe, Subscribe or=3D3D3D3D3D20
set Digest or Vacation mode use the below link: =3D3D3D3D3D =3D3D3D =3D
http://thethin.net/citrixlist.cfm
- - -----BEGIN PGP SIGNATURE-----
Version: PGP 8.0
Comment: Public PGP key for Chris Lynch
iQA/AwUBPpLxnG9fg+xq5T3MEQLWPgCg9/qe+zxdnXBb3a9Va8ifoXhn1iUAni0q
SgtswFUGVA75vvk6fwYQgfE8
=3D3D3D3D3D3DCPxY
- - -----END PGP SIGNATURE-----
********************************************************
This Week's Sponsor - ThinPrint
Simply the best print solution for
Microsoft Terminal Services=3D3D3D3D20
and Citrix Metaframe.
http://www.thinprint.com/
**********************************************************
For Archives, to Unsubscribe, Subscribe or=3D3D3D3D20
set Digest or Vacation mode use the below link: =3D3D3D =3D
http://thethin.net/citrixlist.cfm
********************************************************
This Week's Sponsor - ThinPrint
Simply the best print solution for
Microsoft Terminal Services=3D3D3D20
and Citrix Metaframe.
http://www.thinprint.com/
**********************************************************
For Archives, to Unsubscribe, Subscribe or=3D3D3D20
set Digest or Vacation mode use the below link: =3D3D3D =3D
http://thethin.net/citrixlist.cfm
- -----BEGIN PGP SIGNATURE-----
Version: PGP 8.0
Comment: Public PGP key for Chris Lynch
iQA/AwUBPpL2v29fg+xq5T3MEQIbaACg8zhsPOqcQx2jpCIM/49itJ3GQPEAoNij
YkLg/94m6V7QNrcl1YlY742l
=3D3D3D3DfXV4
- -----END PGP SIGNATURE-----
********************************************************
This Week's Sponsor - ThinPrint
Simply the best print solution for
Microsoft Terminal Services=3D3D20
and Citrix Metaframe.
http://www.thinprint.com/
**********************************************************
For Archives, to Unsubscribe, Subscribe or=3D3D20
set Digest or Vacation mode use the below link: =3D
http://thethin.net/citrixlist.cfm
********************************************************
This Week's Sponsor - ThinPrint
Simply the best print solution for
Microsoft Terminal Services=3D20
and Citrix Metaframe.
http://www.thinprint.com/
**********************************************************
For Archives, to Unsubscribe, Subscribe or=3D20
set Digest or Vacation mode use the below link: =3D
http://thethin.net/citrixlist.cfm
- =3D
-------------------------------------------------------------------------=
=3D
-------------------------------------------
The information contained in this e-mail is confidential and may be =3D
subject to legal professional privilege. It is intended solely for the =
=3D
addressee. If you receive this e-mail by mistake please promptly inform =
=3D
us by reply e-mail and then delete the e-mail and destroy any printed =
=3D
copy. You must not disclose or use in any way the information in the =
=3D
e-mail. There is no warranty that this email or any attachment or =3D
message is error or virus free. It may be a private communication, and =
=3D
if so, does not represent the views of Volante group Limited.
********************************************************
This Week's Sponsor - ThinPrint
Simply the best print solution for
Microsoft Terminal Services=3D20
and Citrix Metaframe.
http://www.thinprint.com/
**********************************************************
For Archives, to Unsubscribe, Subscribe or=3D20
set Digest or Vacation mode use the below link: =3D
http://thethin.net/citrixlist.cfm
-----BEGIN PGP SIGNATURE-----
Version: PGP 8.0
Comment: Public PGP key for Chris Lynch
iQA/AwUBPpNHk29fg+xq5T3MEQK3kwCcDQu0ofPuJKmwHTuR0FJfiVsmd0sAoJ9E
FBmyAVYkjxJ90E2EftsWDhrn
=3D3DJxeO
-----END PGP SIGNATURE-----
********************************************************
This Week's Sponsor - ThinPrint
Simply the best print solution for
Microsoft Terminal Services=20
and Citrix Metaframe.
http://www.thinprint.com/
**********************************************************
For Archives, to Unsubscribe, Subscribe or=20
set Digest or Vacation mode use the below link:
http://thethin.net/citrixlist.cfm
********************************************************
This Week's Sponsor - ThinPrint
Simply the best print solution for
Microsoft Terminal Services
and Citrix Metaframe.
http://www.thinprint.com/
**********************************************************
For Archives, to Unsubscribe, Subscribe or
set Digest or Vacation mode use the below link:
http://thethin.net/citrixlist.cfm
Other related posts:
