• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 357
  • Last Modified:

Script Logic

Can anyone tell me how in ScriptLogic to push out a script to stop users from downloading (or running) executable files on their computers from the internet?
0
abolla
Asked:
abolla
1 Solution
 
luv2smileCommented:
Well if a user doesn't have admin rights then they can't install most programs...so the best way to prevent them running most .exe files is to make sure your users are not administrators on their machines. If they are admins then they have full control over the machine.

I don't know about scripts....but my personal opinion is that if a user has admin rights it is very hard if not impossible to stop them from downloading and installing programs. You can use group policy to restrict downloads and installs, but this can get tricky and users can often find ways around it.

The big thing on this one is to take away local admin rights.....
0
 
pjedmondCommented:
There are other ways to prevent users downloading executables. These include http/ftp proxies that block executables. Email scanners can be configured to strip away any executables attached.

Regardless of how you decide to do this, the best starting point is to get a good sensible corporate IT policy in place forbidding the download of executables. Once that's done, any blocking of executables will not cause you problems as you will be seen to be carrying out the will of the company, rather than being a 'spoil-sport'!
0
 
veedarCommented:
Sounds like you are looking for "Software Restriction Policies"  Do a google on it and you will find lots of info.  Here's one...

http://www.microsoft.com/technet/prodtechnol/winxppro/maintain/rstrplcy.mspx
0
 
ronkupperCommented:
1.You could disable Download Capabilites in IExplorer -
http://www.iamnotageek.com/a/46-p1.php

If you need you could also do it from Group Policy to apply the settigns on multiple computers.
(you could also hide the Advanced tab so users wont be abloe to change that setting)

2. (A very interesting approach) You can deploy "TrustNoExe" to explicitly define the allowed applications to be run by users.
More info here -

http://www.beyondlogic.org/consulting/trust-no-exe/trust-no-exe.htm
(Its a genius tool, and Free!)
0
 
ronkupperCommented:
Glad I could help!
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now