On Sat, 1 Jan 2005 09:51:51 +1000, Rick Mack <Rick.Mack@xxxxxxxxxxxxxx> wrote: > 2003 is actually quite secure provided you didn't select the NT 4 > compatibility mode (relaxed security). This adds users to the terminal server > users group, which has full access, as you've found, to critical file and > registry areas. > > Of course if you select full security you'll have a bit of work either > deprotecting some file/registry areas selectively for particular > applications, or on the registry side, using per-user file asociations. But > it's worth it for a secure system. Ahh yes, forgot about that setting :o Seems the guys that set up the machine have put it on relaxed.. From what I've read, its perfectly safe to change it on the fly (although I'd guess that no users could be a benefit :) )..? And then I presume its just a case of checking the apps and modding permissions, as necessary. Do you know what/where it actually modifies? MS site just says "files and directories on the file system" and "keys in the registry" !! Andrew ******************************************************** This Weeks Sponsor SeamlessPlanet.com Domain Names Register your .com domain name for as low as $7.85 One of the lowest prices on the web! Part of The Kenzig Group. http://www.seamlessplanet.com ********************************************************** Useful Thin Client Computing Links are available at: http://thin.net/links.cfm ThinWiki community - Awesome SBC Search Capabilities! http://www.thinwiki.com *********************************************************** For Archives, to Unsubscribe, Subscribe or set Digest or Vacation mode use the below link: http://thin.net/citrixlist.cfm