I'm in the process of implementing group policies on a hybrid 2000/XP network. Our servers are Win 2K. I want to prevent users from installing programs. I was able to block the programs that have the file 'setup.exe', however there are files that have the program name combined with 'setup.exe', for example: 'gatewasetup.exe'
Is there a way for me to disallow any file with the word 'setup.exe' in it? Are the use of wildcards allowed? Or is there away with GPO to not allow users to install anything period, even though they have admin rights to their machines?