[2 days left] What’s wrong with your cloud strategy? Learn why multicloud solutions matter with Nimble Storage.Register Now

x
?
Solved

GPO

Posted on 2007-11-30
3
Medium Priority
?
408 Views
Last Modified: 2010-04-18
Is there a GPO so users cannot install software, even if there are local administrators
0
Comment
Question by:aardmancgi
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 30

Accepted Solution

by:
LauraEHunterMVP earned 1000 total points
ID: 20382985
Software Restriction Policies can help, but only if you configure the restrictive "Only allow the software that I explicitly list here:" setting, which is difficult to administer/maintain on an ongoing basis: http://www.windowsnetworking.com/articles_tutorials/Software-Restriction-Policies.html
0
 
LVL 13

Expert Comment

by:rhinoceros
ID: 20383860
As I know, It is impossible by GPO. Because local administrators are the top one in locally after logon.

0
 
LVL 30

Expert Comment

by:LauraEHunterMVP
ID: 20384085
rhinoceros - Software Restriction Policies, when properly configured, will affect even local administrators of a given computer.  It's just a question of whether it's worth the time needed to test, deploy and maintain the kind of locked-down environment needed to do so.
0

Featured Post

Efficient way to get backups off site to Azure

This user guide provides instructions on how to deploy and configure both a StoneFly Scale Out NAS Enterprise Cloud Drive virtual machine and Veeam Cloud Connect in the Microsoft Azure Cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A hard and fast method for reducing Active Directory Administrators members.
A bad practice commonly found during an account life cycle is to set its password to an initial, insecure password. The Password Reset Tool was developed to make the password reset process easier and more secure.
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
Suggested Courses

649 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question