How to create user that can run stuff, but can't log on

phillydog

I need to create an account on WIN/2003 (I'm sure it is the same on WIN/NT and 2K) for which a user can run items when prompted for credentials via a website, but cannot log onto the box itself.

On Linux, I did this by creating a user 'dummy' and giving 400 permissions to /home/dummy

Since the temp files can't be read and the main files can't be executed, the user gets an error message informing them to talk to the admin.

My company software requires that when running a report, credentials must be populated (dummy/dummy), and this must be a valid user on the box....

I am trying to lock down my box, and am trying to avoid applying NTFS permissions to all directories on the drive, and trying to find a simple way to apply this limitation on the user instead.

The user is not part of any group currently... was thinking of adding to the 'POP3 Users' since no mail server is being run.

Any help is appreciated.
 

drag

You'd probably have to set up a group or user policy to do that. Not sure of the specifics though.
 

tyanni

You can edit the local security policy to prevent local logins on these machines. Go to secpol.msc /s and edit the deny local login policy. Add this user to the machine. If he or she tries to log in, they will be prompted that a local security policy prevents interactive logins.
 

phillydog

Editing the local policies to DENY the user worked... I had removed the user previously from the groups in ALLOW local login, but that didn't work.

Thanks again...
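
A way to verify the setting discussed in this thread, as an added example that is not part of any post above: it exports the machine's user-rights assignments with `secedit` and reports who holds the allow and deny local-logon rights. The account name `dummy` comes from the original post; the Terminal Services deny right goes beyond what the thread covers, and the script assumes PowerShell is installed and the prompt is elevated.

```powershell
# Added example, not from the thread. Run from an elevated prompt.
# 'dummy' is the account named in the original post.
$account = 'dummy'

# SeInteractiveLogonRight           = "Allow log on locally"
# SeDenyInteractiveLogonRight       = "Deny log on locally"
# SeDenyRemoteInteractiveLogonRight = deny logon through Terminal Services
$rights = 'SeInteractiveLogonRight', 'SeDenyInteractiveLogonRight', 'SeDenyRemoteInteractiveLogonRight'

# Export only the user-rights area of the current local security settings.
$cfg = Join-Path $env:TEMP 'user_rights.inf'
secedit /export /areas USER_RIGHTS /cfg $cfg | Out-Null

# SID of the account under test.
$sid = (New-Object System.Security.Principal.NTAccount($account)).Translate(
        [System.Security.Principal.SecurityIdentifier]).Value

foreach ($right in $rights) {
    $line = Get-Content $cfg | Where-Object { $_ -match "^$right\s*=" }
    if (-not $line) { "{0}: no entries" -f $right; continue }

    # Entries are comma-separated; SIDs carry a leading '*', others are plain names.
    $entries = ($line -split '=', 2)[1].Split(',') | ForEach-Object { $_.Trim() }
    $names = foreach ($e in $entries) {
        if ($e.StartsWith('*')) {
            $s = New-Object System.Security.Principal.SecurityIdentifier($e.Substring(1))
            try { $s.Translate([System.Security.Principal.NTAccount]).Value }
            catch { $s.Value }   # unresolvable SID: print it raw
        } else { $e }
    }

    # True only when the account itself is on the line, not when a group covers it.
    $direct = ($entries -contains "*$sid") -or ($entries -contains $account)
    "{0}: {1}" -f $right, ($names -join ', ')
    "    '{0}' listed directly: {1}" -f $account, $direct
}

Remove-Item $cfg
```

A deny right takes precedence over the matching allow right, so a direct entry on the `SeDenyInteractiveLogonRight` line blocks console logon regardless of what the allow line contains. Group entries on the allow line cover their members, so the "listed directly" flag on that line does not show every path by which an account can hold the right.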