Hey folks, I've been given the task of administering a Windows NT4 TSE/Metaframe 1.8 installation with 8 servers, 2 of which are configured for publishing IE5 (seamless). The previous owner did not secure the environment at all and I've been working to improve on the security without impacting the functionality for the users too much. I'm at somewhat of a disadvantage because I'm coming from the UNIX world primarily and am a little flaky with NT4 stuff. One of my oustanding problems is that of users installing applications and/or plugins via Internet Explorer. For instance, user goes to www.yahoo.com <http://www.yahoo.com> and installs the Yahoo bar or email plugin. I know that I can partially lock this down with file permissions, but there are always directories that must remain writable for the user. For instance, they have installed this stuff in their profile on the server or in the temp directory. I'm wondering if there's anyway to completely lock out the functionality of a user being able to install an application and/or plugin? Does anybody have any pointers to info that would specifically deal with the inherent security problems with publishing IE (seamless or desktop)? I appreciate any help and I apologize in advance if this is a newbie question. Please flame in private (to my email address, not the list) if you must. Thanks, Matt matt.shaw@xxxxxxxxx <mailto:matt.shaw@xxxxxxxxx> ---------------------------------------------------------------------------- This communication (including all attachments) is intended solely for the use of the person or persons to whom it is addressed and should be treated as a confidential xwave communication. If you are not the intended recipient, any use, distribution, printing, or copying of this email is strictly prohibited. If you received this email in error, please immediately delete it from your system and notify the originator. Your cooperation is appreciated. *************************************************************************** This Week's Sponsor: New Wyse(R) Expedian(TM)software maximizes your server capacity--cost-effectively. Now you can dramatically increase the number of users on a server by as much as 40%--and reduce the number of servers you have to manage. By optimizing memory usage, Wyse Expedian software allows the terminal server to support more applications and more concurrentusers. Download your 30-day free trial today at: http://www.wyse.com/expedian/eval.cfm?promo=US-Ad-0103TheThinNetNewsletterEM **************************************************************************** For Archives, to Unsubscribe, Subscribe or set Digest or Vacation mode use the below link: http://thethin.net/citrixlist.cfm