disabling properties/shortcuts from menu

Is there a registry hack to stop the "properties" option
appearing on the File menu on the desktop icons? For example
I'd like to stop users using properties to change the target
of a desktop icon from H: to c:\
??

Thanks!!
tmaclachlanAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

j2Commented:
Yes, by enforcing a policy on the machine, from a WinNT PDC.
0
WilfredCommented:
I do not know of a hack but,
if you do not want to allow your users to add, delete or change their desktop icons just make sure desktops are stored on a directory on a network disk with only read access.

btw: it is possible to remove all desktop icons with the policy editor.
0
tmaclachlanAuthor Commented:
I'm aware of this. However, if users can create a shortcut target
to drive c:\ from their writable space on the network, which
is a HUGE loophole. If the "properties" or "create shortcut"
could be disabled with the registry it would stop them from
doing this. otherwise they could create a shortcut even if
there were no desktop icons.

0
Cloud Class® Course: CompTIA Healthcare IT Tech

This course will help prep you to earn the CompTIA Healthcare IT Technician certification showing that you have the knowledge and skills needed to succeed in installing, managing, and troubleshooting IT systems in medical and clinical settings.

y96andhaCommented:
What are you trying to achieve? Even if you set policies not to show certain drives, you can enter the drive letter, like C:, in any open or save file dialog and get there anyway. And you can rename, delete and execute files from an open or save dialog.
0
jerrydCommented:
tmaclachlan,
The short answer is no - you can't (safely) stop the system from displaying the properties of the shortcut.

HOWEVER, is your aim is to thwart users that think they're technicians, here's a few suggestions:

1. If you're on a network, copy the shortcut to their desktop during the login process - overwriting the shortcut if it already exists - then YOU control the properties of the shortcut.

2. Make a copy of the shortcut in the WINDOWS\SYSTEM directory only rename it from SHORTCUT.LNK to something like SHORTCUT.SYS (users tend to shy away from files that end in .SYS, .DRV).  Then, create a batch file called WINSTART.BAT that copies the shortcut from C:\WINDOWS\SYSTEM\SHORTCUT.SYS to C:\WINDOWS\DESKTOP\SHORTCUT.LNK (if that's where your user's desktops are).

Of course, always mark it read-only - this will stop some users from messing!

Jerry

0
tmaclachlanAuthor Commented:
Nice idea..but it still doesn't stop someone from creating
a shortcut on their network home directory or from a floppy
drive straight to c:\


0
joesurfCommented:
So you basically want to stop users from using up space on the C: for storage ?

If so, then you can do one of two things..

1. Purchase third party software, that prevents access to certain Windows components, I know of a product but don't have the details right here.  You'd want to restrict access to the command prompt as well as they can do what they like in a DOS shell.

2. Create a batch/script to delete all unwanted files on logoff, or fill up the hard disk so there is no room to store files, but just enough space for the system to function normally.

0
Heiko BialozytLeiter ITCommented:
there can't be any way because while the users session all links and icons are stored on the local disk even you have central stored profiles. Next you have no chance to protect all local stored items.

the only way I know is to suppress of starting unregistered software. you can setup in system policy to start only registered programs with full pathnames. then the user can change the links but is unable to start them. the next is to protect the central stored profile as mandatory so that all changes are lost on next logon.

I hope this is a solution.
Heiko
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows Networking

From novice to tech pro — start learning today.