Good point, so what if I publish only to 5 people AND lock down the executables with NTFS perms to only those 5, legal then? ________________________________ From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On Behalf Of Jeff Pitsch Sent: Friday, September 29, 2006 10:19 AM To: thin@xxxxxxxxxxxxx Subject: [THIN] Re: Office and legalities Unfortunately you can still call other applications from within other applications many times. For instance, say you have 5 people you wan to use Word and a different set of 5 you want to use Excel. you publish them out and you think your good. That is until you see that Joe Word user is embedding Excel documents in their Word documents. mmmmmm, Joe Word user isn't supposed to be able to do that? DOH! Publishing applications isn't a security measure. You are better off locking down minimally NTFS permissions but it's better to use something like Software Restriction Policies or 3rd party products to actually enforce this type of thing. Jeff Pitsch Microsoft MVP - Terminal Server Provision Networks VIP Forums not enough? Get support from the experts at your business http://jeffpitschconsulting.com <http://jeffpitschconsulting.com/> On 9/29/06, gabriel.j.byrne@xxxxxx <gabriel.j.byrne@xxxxxx> wrote: publish it for everyone but limit the instances allowed to run to 5. that way all users have the facility of using office but you remain compliant. also enable over the limit logging so you get an idea of how many licenses you would require if more are needed Regards Gabriel Gabriel Byrne Tel: 016418730 Mob: 086 8520515 ************************************************************************ ******** This document is strictly confidential and is intended for use by the addressee unless otherwise indicated. This email has been scanned by an external Email Security System. Allied Irish Banks ************************************************************************ ********