abendv_10
asked on
Prevent users to create shortcuts on desktop
Hi,
In Windows 2003 server (Terminal Server)
I like to prevent users to create shortcuts on desktop.
I can use either registry key, Plolicy or any other idea.
Thank you.
Adi
In Windows 2003 server (Terminal Server)
I like to prevent users to create shortcuts on desktop.
I can use either registry key, Plolicy or any other idea.
Thank you.
Adi
A simple answer? Make the desk top Read Only to the user(s). Only allow the Adminsitration account.
you could give them a mandatory profile.
then when they log off and then back on, any settings they have changed will be reverted back to origninal.
then when they log off and then back on, any settings they have changed will be reverted back to origninal.
Hi GHemphill,
Disable "Save Desktop on Exit"
Default behaviour for XP is to save the desktop configuration on exiting the operating system. To prevent saving the desktop configuration, implement the following registry edit.
[Start] [Run] [Regedit]
Registry Key: HKEY_CURRENT_USER\Software \Microsoft \Windows\C urrentVers ion\Polici es\Explore r
Modify/Create the Value Data Type(s) and Value Name(s) as detailed below.
Data Type: REG_DWORD (Dword Value) // Value Name: NoSaveSettings
Setting for Value Data: [0 = Disabled / 1 = Enabled]
Exit Registry and Reboot
From http://www.theeldergeek.com/disable_save_desktop_configurati.htm
or rename their ntuser.dat file to ntuser.man
PeteL
Disable "Save Desktop on Exit"
Default behaviour for XP is to save the desktop configuration on exiting the operating system. To prevent saving the desktop configuration, implement the following registry edit.
[Start] [Run] [Regedit]
Registry Key: HKEY_CURRENT_USER\Software
Modify/Create the Value Data Type(s) and Value Name(s) as detailed below.
Data Type: REG_DWORD (Dword Value) // Value Name: NoSaveSettings
Setting for Value Data: [0 = Disabled / 1 = Enabled]
Exit Registry and Reboot
From http://www.theeldergeek.com/disable_save_desktop_configurati.htm
or rename their ntuser.dat file to ntuser.man
PeteL
GHemphills answers sounds good, but if the desktop locations are diffenrent for each user, it will be a big hassle going around locating all the folders and making them read only.
you could also use group policy to hide the desktop so they only use start menu
you could also use group policy to hide the desktop so they only use start menu
You could create a program that deletes *.ink from the desktop that runs at startup. Or even add some lines to autoexec.bat like so...
cd C:/documents and settings/usename/desktop
del *.ink
those lines should delete all shortcuts whenever the computer starts up.
I prefer to do things by programming than use windows features ;o)
cd C:/documents and settings/usename/desktop
del *.ink
those lines should delete all shortcuts whenever the computer starts up.
I prefer to do things by programming than use windows features ;o)
If you can work with VB then u use
Kill
followed by the pathname, then file name eg:
kill "C:/documents and settings/usename/desktop/* .ink"
should work
regards,
NIPPLES
Kill
followed by the pathname, then file name eg:
kill "C:/documents and settings/usename/desktop/*
should work
regards,
NIPPLES
I usually remove user's write and execute permissions to the desktop. This prevents them from creating files or shortcuts on the desktop and prevents them from executing files if they happen to find a way of downloading stuff to the desktop. I use XCACLS to do this, something like:
xcacls %userprofile%\desktop /t /c /p %username%:r;xr system:f administrators:f /y
Just adjust the permissions to suite your needs.
xcacls %userprofile%\desktop /t /c /p %username%:r;xr system:f administrators:f /y
Just adjust the permissions to suite your needs.
In our terminal services environment, users not only have mandatory profiles, but they also have read-only profiles, and the context menus (right-click) have been disabled.
HTH,
exx1976
HTH,
exx1976
loads of workable solutions but no feedback :(
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.