RDP Security Settings and Permissions

mR742

Distinguished
Jan 24, 2009
12
0
18,510
Hello all,

Back again with another brain buster, at least for me.

So to get right into it I decided to setup a small file share across my home network using an alternate account that can only access the shared folders and only has 3 folders available to it that it can add/delete items to/from. Simple enough.

My problem is that when I use the alternate account to login to my box remotely (RDP) I am able to make any changes to the computer I want including being able to change folder permissions, change the administrator login information, etc... as if that account has admin rights to the box. I have attempted to use the Parental controls to disable that account from being able to use any application at all but I can simply remote in with the alternate account and change them back, giving me full access to everything once again.

The alternate account is ONLY in the USERS group and I have been able to impliment a workaround for this by denying terminal services to the USERS group via secpol.msc but I am still able to use one of the other PC's in my home to edit folder permissions thus destroying the shared data if I so choose to.

What I would like to know is how can I create a user account that is only used to map to folders and not able to change any of the permissions?


I think I just confused myself so if you need more clarification please let me know what info you need....ANY help is appreciated, thank you! :hello:
 

mR742

Distinguished
Jan 24, 2009
12
0
18,510



Live help from whom? Microsoft....I dont think so...dont feel like spending 10 hrs on the phone repeating myself, but than you anyways