• This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn more.

Restricting VPN Access in SBS 2003

R

Rich Eustace

#1
Is it possible to restrict access for VPN clients to a single directory in
SBS2003?

Perhaps I am using the wrong technique.

We have a remote site which needs access to some MS Office Access databases
but that is all. VPN lets them access all the shares on the server which
seems to be overkill and not very secure.

Thanks
 

My Computer

C

Cris Hanna [SBS - MVP]

#2
are the workstations joined to the domain?

--
Cris Hanna [SBS - MVP] (since 1997)
Co-Contributor, Windows Small Business Server 2008 Unleashed
http://www.amazon.com/Windows-Small...bs_sr_1?ie=UTF8&s=books&qid=1217269967&sr=8-1
Owner, CPU Services, Belleville, IL
A Microsoft Registered Partner
------------------------------------
MVPs do not work for Microsoft
Please do not submit questions directly to me.

"Rich Eustace" <rich.eustace@newsgroup> wrote in message news:81779B06-63F9-4BF9-BC58-B58B4C6D9C06@newsgroup
Is it possible to restrict access for VPN clients to a single directory in
SBS2003?

Perhaps I am using the wrong technique.

We have a remote site which needs access to some MS Office Access databases
but that is all. VPN lets them access all the shares on the server which
seems to be overkill and not very secure.

Thanks
 

My Computer

L

Larry Struckmeyer[SBS-MVP]

#3
Rich:

Opening Access files, (or indeed any database that is not client-server)
over a VPN is just asking for corruption. Better to use TS or RWW.

-
Larry
Please post the resolution to your
issue so others may benefit
-
Get Your SBS Health Check at
www.sbsbpa.com


> Is it possible to restrict access for VPN clients to a single
> directory in SBS2003?
>
> Perhaps I am using the wrong technique.
>
> We have a remote site which needs access to some MS Office Access
> databases but that is all. VPN lets them access all the shares on the
> server which seems to be overkill and not very secure.
>
> Thanks
>
 

My Computer

J

Jim Behning SBS MVP

#4
Make a security group called MS Access Only users. Go to shares on
server. Go to Security tab. Add that security group with a deny or no
permissions. That should keep them out of the folders. They may see
them but that is ok.

On Mon, 26 Apr 2010 05:43:01 -0700, Rich Eustace
<rich.eustace@newsgroup> wrote:

>Is it possible to restrict access for VPN clients to a single directory in
>SBS2003?
>
>Perhaps I am using the wrong technique.
>
>We have a remote site which needs access to some MS Office Access databases
>but that is all. VPN lets them access all the shares on the server which
>seems to be overkill and not very secure.
>
>Thanks
See what SBS support is working on
http://blogs.technet.com/sbs/default.aspx
Check your SBS with the SBS Best Practices Analyzer
http://blogs.technet.com/sbs/archive/tags/BPA/default.aspx
 

My Computer

R

Rich Eustace

#5
No they are not

"Cris Hanna [SBS - MVP]" wrote:

> are the workstations joined to the domain?
>
> --
> Cris Hanna [SBS - MVP] (since 1997)
> Co-Contributor, Windows Small Business Server 2008 Unleashed
> http://www.amazon.com/Windows-Small...bs_sr_1?ie=UTF8&s=books&qid=1217269967&sr=8-1
> Owner, CPU Services, Belleville, IL
> A Microsoft Registered Partner
> ------------------------------------
> MVPs do not work for Microsoft
> Please do not submit questions directly to me.
>
> "Rich Eustace" <rich.eustace@newsgroup> wrote in message news:81779B06-63F9-4BF9-BC58-B58B4C6D9C06@newsgroup
> Is it possible to restrict access for VPN clients to a single directory in
> SBS2003?
>
> Perhaps I am using the wrong technique.
>
> We have a remote site which needs access to some MS Office Access databases
> but that is all. VPN lets them access all the shares on the server which
> seems to be overkill and not very secure.
>
> Thanks
 

My Computer

S

SuperGumby [SBS MVP]

#6
not sure why Cris asked, I can see some reference but it's minor.

You control share access for VPN users in _exactly_ the same way you control
access for local users, by setting either the share or file level
permissions.

Jim's idea for 'deny' works but I encourage you to forget this idea about
'how do I control VPN users' and more simply look at it as 'how do I control
file access based on user'.

"Rich Eustace" <rich.eustace@newsgroup> wrote in message
news:1950D7E5-C9E3-4934-AEE8-265139BAA4E4@newsgroup

> No they are not
>
> "Cris Hanna [SBS - MVP]" wrote:
>

>> are the workstations joined to the domain?
>>
>> --
>> Cris Hanna [SBS - MVP] (since 1997)
>> Co-Contributor, Windows Small Business Server 2008 Unleashed
>> http://www.amazon.com/Windows-Small...bs_sr_1?ie=UTF8&s=books&qid=1217269967&sr=8-1
>> Owner, CPU Services, Belleville, IL
>> A Microsoft Registered Partner
>> ------------------------------------
>> MVPs do not work for Microsoft
>> Please do not submit questions directly to me.
>>
>> "Rich Eustace" <rich.eustace@newsgroup> wrote in
>> message news:81779B06-63F9-4BF9-BC58-B58B4C6D9C06@newsgroup
>> Is it possible to restrict access for VPN clients to a single directory
>> in
>> SBS2003?
>>
>> Perhaps I am using the wrong technique.
>>
>> We have a remote site which needs access to some MS Office Access
>> databases
>> but that is all. VPN lets them access all the shares on the server
>> which
>> seems to be overkill and not very secure.
>>
>> Thanks
 

My Computer

Users Who Are Viewing This Thread (Users: 1, Guests: 0)