| View Question |
|
|
 | ||
|
| Subject:
Removing sensitive documents from being left behind a roaming profile
Category: Computers > Operating Systems Asked by: sherpaj-ga List Price: $10.00 |
Posted:
01 Nov 2002 03:30 PST
Expires: 01 Dec 2002 03:30 PST Question ID: 95205 |
How do I remove sensitive documents from being left behind a roaming profile I am using roaming profiles on a small windows XP network (windows SBS 2000 is the server). I noticed that if person A logs into person B’s PC and then logs out, Person A’s profile is left behind on the C drive. If this profile contains sensitive documents that have been left on the desktop, this becomes a problem. How can I resolve this security loophole? I don’t want to do anything time consuming and drastic like creating mandatory polices. I have everything customized and working just great. I just want it to delete the profile when the person logs out. I know nothing about policies and all that stuff, and would need a step-by-step if the procedure ventured into that territory or was complicated. Also, If someone can show me how to make the system delete guest profiles left on the C drive, then can it be set so that it doesn’t delete the primary user’s profile? I would imagine that if it kept deleting the primary user’s profile, it would take forever for the primary user to login at the start of the day, and logout at the end of the day. |
| ||
|
| There is no answer at this time. |
| ||
|
| Subject:
Re: Removing sensitive documents from being left behind a roaming profile
From: dudo-ga on 01 Nov 2002 10:10 PST |
Create something like netlogon script when user logoff's from client. OR run a security setting script on roaming profile files during logon (on client) so that only specified user can access the files (netlogon again) OR put secure user files in a secure directory on network share and map that directory on a user desktop (or even try to map desktop on that directory -> tricky !! you must hack the registry key for that user) |
| Subject:
Re: Removing sensitive documents from being left behind a roaming profile
From: pwizard-ga on 05 Nov 2002 10:14 PST |
The way this is meant to be done is with the use of Group Policies through the Windows 2000 Group Policy Administrator. There is a specific policy for "deleting locally cached copies of roaming profiles when a user logs off". This would take care of your problem, but it would require setting up a group policy which you seem reluctant to do. The only other way like dudo says is to setup scripts that run during logoff or setting up some sort of advanced security settings that flag those files with permissions that are only accessible by the owner. Personally, I think the group policy would be easier than trying to setup all of that. I know that Group Policies can be intimidating at first, but I think after you learned how to use them, you would find all sorts of new uses for them and have much better control over your SBS 2000 environment. If you decide to go the Group Policy route, just let me know and I'll be happy to get you the information you need to set that up. -PWizard |
If you feel that you have found inappropriate content, please let us know by emailing us at answers-support@google.com with the question ID listed above. Thank you. |
| Search Google Answers for |
| Google Home - Answers FAQ - Terms of Service - Privacy Policy |