Classic problem here. I have been asked to configure a workstation so that the only thing that can run is IE and a specific site. It is for a time and attendance application, management wants a station setup so staff don't have to wait for their
workstations to boot to clock in in the morning.
So I am playing with software restriction policies on a test workstation. It is not part of our domain so I am using the local security policies and have been referencing this article:
I created a software restriction policy and set the default security level to Disallowed because I only want them running IE. I did make sure to check that the Enforcement Properties were set to All software files except libraries and Apply software
restriction policies to the following users was set to: All users except local administrators.
I logged into my basic user account and sure enough, everything is blocked except IE and Outlook Express, which is fine.
Then I logged back into the administrator account and have discovered that I can't run anything there either except IE and Outlook Express. So I can't run Local Security Policies from Admin Tools, I can't run CMD.exe so I can't run secedit.
Why has it applied the policy to the local administrator and how to turn it off now? I've been looking for registry keys and can't seem to find them.
Any help is greatly appreciated.
Thanks in advance,
Oh, forgot to mention I can run regedit.
Modifiélkublermercredi 14 mars 2012 17:46Additional Info
Ah, Ok so I figured out I can run the secpol.msc from the run line and was able to turn off the software restriction policy. By that I mean I was able to change the default security level to unrestricted.
Upon further scruteny I don't see any way to apply a software security policy to just a user or group of users on a computer that is not joined to the domain. Am I just missing it or do I have to join this computer to the domain to get that level of
Microsoft réalise une enquête en ligne pour comprendre votre opinion sur le site Web de Technet. Si vous choisissez de participer, l’enquête en ligne vous sera présentée lorsque vous quitterez le site Web de Technet.