sgunderson
asked on
Install Permissions for users on Windows Domain
I am running a Windows 2000 Domain with about 500 users, my boss has asked me if we could give certain individuals rights to install programs, but only localy. He does not want them to install anything downloaded from the web. They are all users right now so they cannot install anything which is fine by me....however I have already exhausted the options of making them power users or Admin on the local machine only because he only wants them to be able to install something like a CDROM that came with a text book or something from media. Can this be done through group policys?? Any help would be greatly appreciated.
Thanks
Thanks
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
The--Captain
Sven has hit the nail squarely on the head. Pts to him.
ASKER
These are the answers I expected. Thank You Very Much.
Sven is right, HOWEVER, if you are running either Proxy Server or more recently ISA Server, you can handle this problem by using Group Policy, i.e., creating power user groups or using inherited permissions. Then you ISA can inherit attributes from the group permissions and allow or disallow downloads from the internet. Simple, but can be a bad one to set up if you have to route through a DMZ.
ASKER
Thank You
PowderedToast
PowderedToast