jamesreddy
asked on
Prevent Applications from running from command prompt.
I may just be spacing here, but I seem to recall a way that there was to prevent applications from being run from the command line. Here's the situation. I blocked access to the C: drive and to certain applications on the C: drive using group policy. I knew that blocking certain applications in group policy would not work from the command prompt, which is why I prevented access to the C: drive. When you go to start > Run then type c:\, it comes up properly and blocks the drive from coming up. But when you run cmd.exe, then change drives, the drive is fully accessible.
I really thought there was a way to stop that....and I'm either wrong or I just cannot remember how to do it. Can anyone offer a quick fix to this? It seems stupid to block access to everything EXCEPT if you go into the command prompt.
FYI...I don't want to block access to the command prompt simply because the students need access to TCP/IP diagnostic tools for their networking classes.
Thanks in advance!
James
I really thought there was a way to stop that....and I'm either wrong or I just cannot remember how to do it. Can anyone offer a quick fix to this? It seems stupid to block access to everything EXCEPT if you go into the command prompt.
FYI...I don't want to block access to the command prompt simply because the students need access to TCP/IP diagnostic tools for their networking classes.
Thanks in advance!
James
# 302 "Disable CMD", here: http://www.kellys-korner-xp.com/xp_tweaks.htm
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks for the suggestions folks, but notice the part of my question where I WANT them to have access to the command prompt, but NOT to the applications. They need access to the command prompt for their classes.
In any event, I figured it out. It was the software policy portion of group policy. I created a path statement and a hash statement to be disallowed for the applications I do not want students to use. They can now no longer execute the program from the command prompt.
James
In any event, I figured it out. It was the software policy portion of group policy. I created a path statement and a hash statement to be disallowed for the applications I do not want students to use. They can now no longer execute the program from the command prompt.
James
ASKER
Since Callrs second link on software policies was the correct answer...I'm awarding him the points. Thanks for everyone's input.
James
James