238 Windows Server 2008 Terminal Services Resource Kit Path Rule This rule identifies a specific path of an application and only the application in that path can be allowed or denied. A specific piece of code (such as Winword.exe) can be expressed in the path or the path can point to a folder. If the latter, all code in the folder is allowed or denied. For example, if you host Microsoft Office 2007 applications on your terminal server, you can point to the Microsoft Office installation directory. All code in that directory will be allowed or denied depending on the policy security level and additional rule settings. Environmental variables, UNC paths, registry paths, question marks, and asterisk wildcards can be used in path rules. Network Zone Rule This rule only applies to .msi files, so is probably not very useful in locking down a terminal server except when installing software.
Share
