RE: How to block users from installing other apps
From: Laura A. Robinson (larobins_at_bellatlantic.net)
Date: 06/26/03
- Previous message: John Lampe: "Re: Windows NLB"
- In reply to: Jane Han: "How to block users from installing other apps"
- Next in thread: Shackleford, Dave: "RE: How to block users from installing other apps"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: "'Jane Han'" <janehan22@yahoo.com>, <focus-ms@securityfocus.com> Date: Wed, 25 Jun 2003 19:07:38 -0400
1. Do not give administrative rights to users on their machines.
2. Use group policy to install applications.
3. To deal with the poorly-written in-house applications, have the
developers document what registry settings and file system locations the
users need to be able to modify and assign those permissions. Alternately,
look into the Application Compatibility Toolkit if you're using XP boxes,
which allows you to build custom databases for the applications that give
the applications what they need to function without raising user rights.
4. If you have a Windows Server 2003 AD, use SAFER (Software Restriction
policies) to specify allowed applications. Even if the users manage to
download/install unauthorized applications, they won't run if you configure
the SAFER policies correctly.
Laura
> -----Original Message-----
> From: Jane Han [mailto:janehan22@yahoo.com]
> Sent: Wednesday, June 25, 2003 4:22 PM
> To: focus-ms@securityfocus.com
> Subject: How to block users from installing other apps
>
>
> Due to several customized inhouse applications, the
> users need to be local aministrator to lauch the
> applications. Since most users are local
> admin, they can download and install applications such
> as games, AOL instant messages...from internet.
>
> Is it possible to block users from installing
> applications through Group Policy in this case? or
> disable internet explorer?
>
> Any solutions or suggestions?
>
>
> Thanks in advance,
> Jane
>
>
> __________________________________
> Do you Yahoo!?
> SBC Yahoo! DSL - Now only $29.95 per month! http://sbc.yahoo.com
>
> --------------------------------------------------------------
> ---------------
> --------------------------------------------------------------
> ----------------
>
-----------------------------------------------------------------------------
------------------------------------------------------------------------------
- Previous message: John Lampe: "Re: Windows NLB"
- In reply to: Jane Han: "How to block users from installing other apps"
- Next in thread: Shackleford, Dave: "RE: How to block users from installing other apps"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
