Re: 2000 Server Policy on XP Client
From: Oli Restorick [MVP] (oli_at_mvps.org)
Date: 07/07/04
- Next message: Mark Renoden [MSFT]: "Re: Disabling the Default Domain Policy"
- Previous message: Oli Restorick [MVP]: "Re: SUS question"
- In reply to: Dan Cooper: "2000 Server Policy on XP Client"
- Messages sorted by: [ date ] [ thread ]
Date: Wed, 7 Jul 2004 23:03:31 +0100
While Windows 2000 had some basic features to block execution of programs
based on filenames, Windows XP and higher have Software Restriction
Policies, which base the restrictions on the hash of the file. Therefore, a
user cannot bypass your restriction by renaming their banned executable to
winword.exe, for example.
If you manage your Windows 2000 Active Directory from a Windows XP Pro
machine, you should find the software restriction policies. You don't need
to upgrade your domain to Windows Server 2003 to gain this functionality.
Hope this helps
Oli
"Dan Cooper" <Dan Cooper@discussions.microsoft.com> wrote in message
news:E6023B4C-D243-4A90-A49E-BA24C12CDCC4@microsoft.com...
>I have a new policy in effect blocking all applications from being run,
>except the ones i allow. this works great on my 2000 Workstations, but has
>no effect on my XP Pro workstations... is there anything im doing wrong for
>this not to work, or do i have to upgrade to Server 2003??
>
> Thanks,
> Dan
- Next message: Mark Renoden [MSFT]: "Re: Disabling the Default Domain Policy"
- Previous message: Oli Restorick [MVP]: "Re: SUS question"
- In reply to: Dan Cooper: "2000 Server Policy on XP Client"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
