Solved

I would like to disable the run menu for all my users on my network, except for the administrator.  How do i do that?

Posted on 2006-07-24
10
196 Views
Last Modified: 2013-12-04
Hello,

I would like to disable the RUN menu for the startup menu for all my network users.  At the same time leaving the access available for the administrator only.

How do i accomplish that?
thanks you for your assistance.

0
Comment
Question by:dominicait
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
10 Comments
 
LVL 5

Expert Comment

by:floorman67
ID: 17168321
Group Policy Editor (XP Professional, Server 2003, NT, 2000, 2000 server)

here are some interesting links on it i googled http://www.google.com/search?hl=en&lr=&q=remove+RUN+command
0
 
LVL 5

Expert Comment

by:floorman67
ID: 17168333
you can do it through the registry of your win.ver doesnt support a policy editor
0
 
LVL 1

Expert Comment

by:rimba_
ID: 17176389
Hi,

on the GPO (group policy object) of the group u want to disable the run as.. go to:
User configuration -> Administrative Templates ->Start Menu & Toolbar, In the right panel find "Remove Run from start menu", double click on it and choose enable

i hope this helps
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 

Author Comment

by:dominicait
ID: 17176779
Hey Rimba,

granted what you have contributed has made the most logical answer what i was looking for however, is to exclude the administrators from this setting.

What i have gathered thus far is that i need to create a new group of users with only those that i want affected by this new policy, however what i don't understand, and others out there reading this may also want to ship in, is how do i set this policy to only affect the users that i choose.  Please note that i don't want it to affect all my users, only a select few.

Thanks for your inputs thus far.

regards.
0
 
LVL 1

Accepted Solution

by:
rimba_ earned 125 total points
ID: 17176926
2 options: you add a gpo for the administrator where u disable this option, or you enable oit on the computer itself (on each user u want to forbid this) for the second option you could create a value on the registry:

In: HKEY_CURRENT_USER
Key: Software\Microsoft\Windows\CurrentVersion\Policies\Explorer
Name: NoRun
Type: REG_DWORD
Value: 1
0
 
LVL 1

Expert Comment

by:butterrfly
ID: 17204340
If you're in a workgroup then I don't think you can choose which users the policy will apply to. However, you can do the reverse: choose the users you DON'T want to be affected by the policy:

1. Use Local Group Policy and set the policy to remove it from the Start Menu, as Rimba had suggested.
2. Set Deny permissions to Administrators on the hidden folder %systemroot%\system32\GroupPolicy (or anyone you don't want the policy to apply to)
*All other users will be affected

It's easier if it's in a domain:
Link the GPO to the OU/container where the affected user objects are stored
-or- set permissions on the GPO and allow only the users you choose
0
 
LVL 1

Expert Comment

by:rimba_
ID: 17402472
i trhink doing the gpo deny option and the allow it to the admin is the easier way to solve this.
0

Featured Post

Free NetCrunch network monitor licenses!

Only on Experts-Exchange: Sign-up for a free-trial and we'll send you your permanent license!

Here is what you get: 30 Nodes | Unlimited Sensors | No Time Restrictions | Absolutely FREE!

Act now. This offer ends July 14, 2017.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

As I write this article, I am finishing cleanup from the Qakbot virus variant found in the wild on April 18, 2011.  It was a messy beast that had varying levels of infection, speculated as being dependent on how long it resided on the infected syste…
Security measures require Windows be logged in using Standard User login (not Administrator).  Yet, sometimes an application has to be run “As Administrator” from a Standard User login.  This paper describes how to create a shortcut icon to launch a…
There's a multitude of different network monitoring solutions out there, and you're probably wondering what makes NetCrunch so special. It's completely agentless, but does let you create an agent, if you desire. It offers powerful scalability …
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…

729 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question