Restrict Users from Running Specific Windows Programs

1/ By Group Policy
- Prevent by name
- Prevent by Hash

2/ By Registry:

  1. Click Start, and then click Run.
  2. In the Open box, type regedit, and then click OK.
  3. Create a DWORD value named DisallowRun. To do so:
    1. Locate and then click the following registry key:
      HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion \Policies\Explorer
    2. On the Edit menu, point to New, and then click DWORD Value.
    3. Type disallowrun, and then press ENTER.
    4. Double-click the DisallowRun value that you created in the previous step.
    5. Type 1 in the Value data box, and then click OK.
  4. Create a new HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion \Policies\Explorer\DisallowRun subkey. To do so:
    1. Right-click the following registry key, point to New, and then click Key:
      HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion \Policies\Explorer
    2. Type disallowrun, and then press ENTER.
  5. For each program that you want to prevent users from running, create a new string value in the DisallowRun subkey that you created in step 4. Use consecutive numbers to name the string values (starting with 1), and use the executable file name for the program as the data for the string value.

    For example, if you want to restrict users from running Microsoft Internet Explorer:
    1. Right-click the following registry key, point to New, and then click String Value:
      HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion \Policies\Explorer\DisallowRun
    2. Type 1, and then press ENTER.
    3. Double-click the 1 value that you created in the previous step.
    4. Type iexplore.exe in the Value data box, and then click OK.
  6. Quit Registry Editor, and then restart the computer.

Troubleshooting

Group Policy background processing can take up to 5 minutes to be refreshed on domain controllers and up to 120 minutes to be refreshed on client computers. To force background processing of Group Policy settings, use the Secedit.exe tool:
  1. Click Start, and then click Run.
  2. In the Open box, type cmd, and then click OK.
  3. Type secedit /refreshpolicy user_policy /enforce, and then press ENTER.
  4. Type secedit /refreshpolicy machine_policy /enforce, and then press ENTER.
  5. Type exit, and then press ENTER to quit the command prompt.
 More: http://support.microsoft.com/kb/324036
Labels: ,
Subscribe to: Post Comments (Atom)