Link to home
Start Free TrialLog in
Avatar of fizzeriano
fizzeriano

asked on

Im looking for registry change to disable "tcp/ip properties" access to prevent users for changing ip address

I just want to disable tcp/ip properties access to my users, actually all the computers are in a workgroup (not a domain), so my toughs are that maybe i can do it through some registry change or changes, do some one have experience on this?


many thanks in advance

Victor
Avatar of SLafferty1983
SLafferty1983
Flag of United States of America image

You can set it as a local group policy on each machine. I am not sure the registry settings to change but I know you can go to Start --> Run and type gpedit.msc. That will bring up the local group policy editor. You could remove it there.
Avatar of fizzeriano
fizzeriano

ASKER


Yes i can change it  there, but i  dont know wich policies to enable, in order to prevent users, even if they have admin rights, to access ip properties, of course admins with gpedit knowledge can turn off-and-on the feature, thats the general idea of what i look for

thanks for your help
ASKER CERTIFIED SOLUTION
Avatar of Andrej Pirman
Andrej Pirman
Flag of Slovenia image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Just want to ad the i must choose "disable access for admin also in gpedit"
Try using a security policy:

 - click start and run
 - type gpedit.msc, hit OK
 - go to:
     User Configuration\Administrative Templates\Network\Network and Dial-up Connections
 - look for these two objects:
     Enable Windows 2000 Network Connections settings for Administrators
     Prohibit access to properties of components of a LAN connection
 - double-click both objects and change to "Enabled"
 - click Apply and close the editor
 - I don't think you have to restart (but you might)

Good luck!
Regarding Jemiii's advice, here is copy-paste from "Prohibit access to properties of compontents of a LAN connection" tab:
If you enable this setting (and enable the "Enable Network Connections settings for Administrators" setting), the Properties button is disabled for Administrators. Network Configuration Operators are prohibited from accessing connection components, regardless of the "Enable Network Connections settings for Administrators" setting.