Re: Prevent User from Saving/Changing Files on Desktop
From: Roger Abell (mvpNOSpam_at_asu.edu)
Date: 12/30/04
- Next message: Roger Abell: "Re: Local Policy Setting Grayed Out"
- Previous message: Darren Mar-Elia: "Re: Creating ADM Templates"
- In reply to: Jason Ryon: "Re: Prevent User from Saving/Changing Files on Desktop"
- Messages sorted by: [ date ] [ thread ]
Date: Wed, 29 Dec 2004 23:17:46 -0700
Not that I am aware of, as the sting is likely stored in a resource
file used in generating the binaries (in all language versions).
-- Roger Abell Microsoft MVP (Windows Security) MCSE (W2k3,W2k,Nt4) MCDBA "Jason Ryon" <JasonRyon@discussions.microsoft.com> wrote in message news:79621D42-F1A3-417F-B19C-489398C3196F@microsoft.com... > This works very nicely. Thank you. > > One more thing...now if something attempts to write to this, it gives an > error saying "Cannot save or replace filename: Access is denied. Make sure > that the disk is not full or write protected and that the file is not > currently in use." > > Is there someway to change this error message to say something like "You > cannot save to this desktop, please save all items to removable media or to > your network file space"? > > "Roger Abell" wrote: > > > You could try using cacls in a login script to replace the > > user's grant on the desktop folder in their profile. > > Evidently the profile is always recreated when they log in > > so you need to make the adjustment in the login script, and, > > as they normally will have a grant of full control they are > > able to change the permissions (or rather, it is possible in > > their login script context) > > > > cacls "%userprofile%\desktop" /t /e /p %username%:r > > > > The savy user may notice that, if they have ownership of > > their profile, they can change the permissions. > > > > -- > > Roger Abell > > Microsoft MVP (Windows Security) > > MCSE (W2k3,W2k,Nt4) MCDBA > > "Jason Ryon" <JasonRyon@discussions.microsoft.com> wrote in message > > news:E36BF11B-3BDF-4852-B7F9-A07ACAB25A09@microsoft.com... > > > Does anybody know how to prevent the users on a computer from storing > > their > > > files to the desktop (WinXP)? This will be used for a lab environment, > > where > > > the profiles are automatically deleted from the computer after log off. I > > > want to restrict it so the users can't even save files temporarily to the > > > desktop (save to, or drag to, etc.) so they won't feel bad when their > > files > > > are deleted. Any ideas? > > > > > >
- Next message: Roger Abell: "Re: Local Policy Setting Grayed Out"
- Previous message: Darren Mar-Elia: "Re: Creating ADM Templates"
- In reply to: Jason Ryon: "Re: Prevent User from Saving/Changing Files on Desktop"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
