Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

disabling properties/shortcuts from menu

Posted on 1997-08-29
8
Medium Priority
?
241 Views
Last Modified: 2013-12-23
Is there a registry hack to stop the "properties" option
appearing on the File menu on the desktop icons? For example
I'd like to stop users using properties to change the target
of a desktop icon from H: to c:\
??

Thanks!!
0
Comment
Question by:tmaclachlan
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
8 Comments
 
LVL 12

Expert Comment

by:j2
ID: 1548664
Yes, by enforcing a policy on the machine, from a WinNT PDC.
0
 

Expert Comment

by:Wilfred
ID: 1548665
I do not know of a hack but,
if you do not want to allow your users to add, delete or change their desktop icons just make sure desktops are stored on a directory on a network disk with only read access.

btw: it is possible to remove all desktop icons with the policy editor.
0
 

Author Comment

by:tmaclachlan
ID: 1548666
I'm aware of this. However, if users can create a shortcut target
to drive c:\ from their writable space on the network, which
is a HUGE loophole. If the "properties" or "create shortcut"
could be disabled with the registry it would stop them from
doing this. otherwise they could create a shortcut even if
there were no desktop icons.

0
Turn your laptop into a mobile console!

The CV211 Laptop USB Console Adapter provides a direct Laptop-to-Computer connection for fast and easy remote desktop access with no software to install.

 
LVL 5

Expert Comment

by:y96andha
ID: 1548667
What are you trying to achieve? Even if you set policies not to show certain drives, you can enter the drive letter, like C:, in any open or save file dialog and get there anyway. And you can rename, delete and execute files from an open or save dialog.
0
 
LVL 2

Expert Comment

by:jerryd
ID: 1548668
tmaclachlan,
The short answer is no - you can't (safely) stop the system from displaying the properties of the shortcut.

HOWEVER, is your aim is to thwart users that think they're technicians, here's a few suggestions:

1. If you're on a network, copy the shortcut to their desktop during the login process - overwriting the shortcut if it already exists - then YOU control the properties of the shortcut.

2. Make a copy of the shortcut in the WINDOWS\SYSTEM directory only rename it from SHORTCUT.LNK to something like SHORTCUT.SYS (users tend to shy away from files that end in .SYS, .DRV).  Then, create a batch file called WINSTART.BAT that copies the shortcut from C:\WINDOWS\SYSTEM\SHORTCUT.SYS to C:\WINDOWS\DESKTOP\SHORTCUT.LNK (if that's where your user's desktops are).

Of course, always mark it read-only - this will stop some users from messing!

Jerry

0
 

Author Comment

by:tmaclachlan
ID: 1548669
Nice idea..but it still doesn't stop someone from creating
a shortcut on their network home directory or from a floppy
drive straight to c:\


0
 

Expert Comment

by:joesurf
ID: 1548670
So you basically want to stop users from using up space on the C: for storage ?

If so, then you can do one of two things..

1. Purchase third party software, that prevents access to certain Windows components, I know of a product but don't have the details right here.  You'd want to restrict access to the command prompt as well as they can do what they like in a DOS shell.

2. Create a batch/script to delete all unwanted files on logoff, or fill up the hard disk so there is no room to store files, but just enough space for the system to function normally.

0
 
LVL 5

Accepted Solution

by:
heiko earned 140 total points
ID: 1548671
there can't be any way because while the users session all links and icons are stored on the local disk even you have central stored profiles. Next you have no chance to protect all local stored items.

the only way I know is to suppress of starting unregistered software. you can setup in system policy to start only registered programs with full pathnames. then the user can change the links but is unable to start them. the next is to protect the central stored profile as mandatory so that all changes are lost on next logon.

I hope this is a solution.
Heiko
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Sometimes you might need to configure routing based not only on destination IP address, but also on a combination of destination IP address (or hostname) and destination port number. I will describe a method how to accomplish this with free tools. …
Greetings, Experts! First let me state that this website is top notch. I thoroughly enjoy the community that is shared here; those seeking help and those willing to sacrifice their time to help. It is fantastic. I am writing this article at th…
This course is ideal for IT System Administrators working with VMware vSphere and its associated products in their company infrastructure. This course teaches you how to install and maintain this virtualization technology to store data, prevent vuln…
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…

722 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question