We have a verity of application on our network. Some of these applications require the user to have local computer admin rights for the application to run properly. I have added the users that need local admin rights into the local admin group, but would like to be able to restrict what applications they can run while they are logged into these systems. Is there a way to keep users from running files such as setup.exe, regedit.exe, etc. on these systems unless they are a member of the “Domain Admins” group in the domain? Maybe an active directory policy?
Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations SkipVought on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
Restricting File Access with Active Directory
- Thread starter moapple
- Start date
Similar threads
- Locked
- Question
