How to configure Home Folder with extra security

If you are having a domain controller, and decided to give a personal drive for all users, then home folder configuration is the best way to do it.

But if you want to make it secure for every users, then you have to configure something extra with ntfs security and share security.

Our current requirement as follows:

  • Deploy home folder for 500+ users
  • Make it secure, so that one user can not view others home folder from home share. Browse option should be disabled.

First option was easy and simple, but I have to think a lot on second option.

You can get the overview on how ntfs permission works on network share from following:

USERS

NTFS PERMISSION

SHARE PERMISSION

EFFECTIVE PERMISSION

USER A

R

R

R

USER B

F

R

R

USER C

R

F

R

USER D

F

F

F

USER E

F

N

N

USER F

N

F

N

Continue reading

RealVNC MSI Deployment

vnc

For giving instant remote support to almost 1500+ desktop, we have to use some remote control tool, so we decided to install RealVNC server only to all the system. But manually it will take huge time to install RealVNC server to all the system. So, I started working on convert it into MSI package, which we can easily deploy via Group Policy.

Also we have to keep following things on mind:

  • For security reason, as per company policy, Windows Firewall should be on to all system, So, I we have to make it an exception on firewall exception list.
  • RealVNC server password should be same in all the system.
  • Package size should be small, so it can be easily deploy.

And finally I have created the MSI Installer. This installer will really small in size, only 533 KB and also iwll will add VNC Port and Application into Windows Firewall exception list at the time of installation. It also set a default password.

Continue reading

Remote Desktop Protocol 6.1 MSI Package for desktop deployment

Recently we implement TS 2008 on our site, and our entire client PC having Windows XP Service Pack 2. To access TS Application, we need to have RDP 6.1 installed on every system, but there is not update available for the same on WSUS.
Continue reading