Restricting access to gpedit.msc

[Eddiefdz]

Hello,

I want to restrict access to gpedit.msc to just the administrators group. How can I do that.

Thanks,
Eddie

Eddie Fernandez
CCNA, Network+, A+, MCP

 

[Cstorms]

I think I used a software restriction policy for a snapin but if the user was savy enough to create a new snapin and just add that particular one it would still work.

 

[itsp1965]

Have you tried changing the ACL of the file itself in order to allow only administrators to run it. By default users have Read+Execute access to it.

 

[Infinity306]

I don't see why you couldn't go even simpler and just delete the file on the users computers or rename it.. I don't think it's needed by windows unless you are changing the Group Policy. so you could just have it on a flash drive if needed.course I guess a saavy user could get around that by having a copy of Gpedit somewhere else..

 

[SuperJenks]

Just tell your users if they access the file, you will personally break their legs...lol Usually works as a last resort.

 

[gmail2]

You can set this with group policy - under User Configuration > Admin Templates > Windows Components > MMC > Restricted/Permitted Snap ins > Group Policy > Group Policy object Editor

Of course SuperJenks suggestion works equally well thought Curious why you want to stop users from opening it though, surely it's empty anyway?

Irish Poetry - Karen O'Connor
Irish Poetry and Short Stories - Doghouse Books
Garten und Landschaftsbau