Solved

Active Directory

Posted on 2004-03-21
4
694 Views
Last Modified: 2012-05-04
Hello all,

I have a problem where children are creating a batch file and then running it. I cant stop the messenger service because of software running that uses it, also i cant stop the command prompt for script processing.  I have found an ADM file to stop VBScript, can anyone help me change or even  add to it the command prompt.

PS all i want to do really is change the default action for the file types CMD and BAT to open in notepad and not run.



CLASS MACHINE
   CATEGORY "Script_blocking"
      CATEGORY "VBSFile"
         POLICY "CScript_blocking"
                  KEYNAME !!C_VBS
             ACTIONLISTON
               VALUENAME ""
               VALUE !!CScript_cmd
             END ACTIONLISTON
                   ACTIONLISTOFF
               VALUENAME ""
               VALUE !!CScript_cmd_def
             END ACTIONLISTOFF
         END POLICY ;CScript_blocking
             POLICY "WScript_blocking"
                 KEYNAME !!W_VBS
             ACTIONLISTON
               VALUENAME ""
               VALUE !!WScript_cmd
             END ACTIONLISTON
                   ACTIONLISTOFF
               VALUENAME ""
               VALUE !!WScript_cmd_def
             END ACTIONLISTOFF
         END POLICY ;WScript_blocking
      END CATEGORY ; VBSFile

        CATEGORY "jsfile"
           POLICY "CScript_blocking"
                  KEYNAME !!C_js
             ACTIONLISTON
               VALUENAME ""
               VALUE !!CScript_cmd
             END ACTIONLISTON
                   ACTIONLISTOFF
               VALUENAME ""
               VALUE !!CScript_cmd_def
             END ACTIONLISTOFF
         END POLICY ;CScript_blocking
             POLICY "WScript_blocking"
                 KEYNAME !!W_js
             ACTIONLISTON
               VALUENAME ""
               VALUE !!WScript_cmd
             END ACTIONLISTON
                   ACTIONLISTOFF
               VALUENAME ""
               VALUE !!WScript_cmd_def
             END ACTIONLISTOFF
         END POLICY ;WScript_blocking
      END CATEGORY ; jsfile

        CATEGORY "WSHFile"
           POLICY "CScript_blocking"
                  KEYNAME !!C_WSH
             ACTIONLISTON
               VALUENAME ""
               VALUE !!CScript_cmd
             END ACTIONLISTON
                   ACTIONLISTOFF
               VALUENAME ""
               VALUE !!CScript_cmd_def
             END ACTIONLISTOFF
         END POLICY ;CScript_blocking
             POLICY "WScript_blocking"
                 KEYNAME !!W_WSH
             ACTIONLISTON
               VALUENAME ""
               VALUE !!WScript_cmd
             END ACTIONLISTON
                   ACTIONLISTOFF
               VALUENAME ""
               VALUE !!WScript_cmd_def
             END ACTIONLISTOFF
         END POLICY ;WScript_blocking
      END CATEGORY ; WSHFile

   END CATEGORY ; "Script_blocking"


[STRINGS]
CScript_cmd="%SystemRoot%\system32\NOTEPAD.EXE "%1" "
WScript_cmd="%SystemRoot%\system32\NOTEPAD.EXE "%1" "

CScript_cmd_def="%SystemRoot%\System32\CScript.exe "%1" %*"
WScript_cmd_def="%SystemRoot%\System32\WScript.exe "%1" %*"


C_VBS="SOFTWARE\Classes\VBSFile\Shell\Open2\Command"
W_VBS="SOFTWARE\Classes\VBSFile\Shell\Open\Command"

C_js="SOFTWARE\Classes\jsfile\Shell\Open2\Command"
W_js="SOFTWARE\Classes\jsfile\Shell\Open\Command"

C_WSH="SOFTWARE\Classes\WSHFile\Shell\Open2\Command"
W_WSH="SOFTWARE\Classes\WSHFile\Shell\Open\Command"
0
Comment
Question by:D_baker
  • 2
  • 2
4 Comments
 
LVL 16

Expert Comment

by:JamesDS
ID: 10643903
You can import the ADM file into your local system policy:

From the command prompt run MMC.EXE
From the file menu select "add/remove snapin" and then press add
Add the snapin "group Policy" and select it for the local machine

Navigate to the Administrative templates section for either the user or computer configuration

From the action menu select "add/remove templates"
The new ADM file setting will appear in the container and you will be able to configure the settings from there.

Beware that these settings will apply to everyone if configured from the computer configuration so do't disable something you may want to use later

HTH Cheers

JamesDS
0
 

Author Comment

by:D_baker
ID: 10645166
Thanks i know all about polcies and active directory but i want to know how to stop cmd and bat files from running without stopping complete script processing
0
 
LVL 16

Accepted Solution

by:
JamesDS earned 500 total points
ID: 10647150
sorry, lets try that again

You need to create a new category and insert it above the end category command:

I have no way of testing this here so expect to do a little debugging :)

       CATEGORY "CMDFile"
          POLICY "CMDScript_blocking"
               KEYNAME !!C_CMD
             ACTIONLISTON
               VALUENAME ""
               VALUE !!CMDScript_cmd
             END ACTIONLISTON
                ACTIONLISTOFF
               VALUENAME ""
               VALUE !!CMDScript_cmd_def
             END ACTIONLISTOFF
         END POLICY ;CMDScript_blocking
      END CATEGORY ; CMDFile


Add these strings:

CMDScript_cmd="%SystemRoot%\system32\NOTEPAD.EXE "%1" "

C_CMD="SOFTWARE\Classes\CMDFile\Shell\Open\Command"

CMDScript_cmd_def="%SystemRoot%\System32\CMD.exe "%1" %*"


That should get you started on .CMD files, follow my workings to do the .BAT files.

Cheers

JamesDS
0
 

Author Comment

by:D_baker
ID: 10648014
Many Thanks
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

This may not be a text book method to resolve VSS backup issues but it seemed to have worked on few of the Windows 2003 servers we had issues while performing a Volume Shadow Copy backup. If you have issues while performing a shadow copy backup usin…
On July 14th 2015, Windows Server 2003 will become End of Support, leaving hundreds of thousands of servers around the world that still run this 12 year old operating system vulnerable and potentially out of compliance in many organisations around t…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

831 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question