fizzeriano
asked on
Im looking for registry change to disable "tcp/ip properties" access to prevent users for changing ip address
I just want to disable tcp/ip properties access to my users, actually all the computers are in a workgroup (not a domain), so my toughs are that maybe i can do it through some registry change or changes, do some one have experience on this?
many thanks in advance
Victor
many thanks in advance
Victor
You can set it as a local group policy on each machine. I am not sure the registry settings to change but I know you can go to Start --> Run and type gpedit.msc. That will bring up the local group policy editor. You could remove it there.
ASKER
Yes i can change it there, but i dont know wich policies to enable, in order to prevent users, even if they have admin rights, to access ip properties, of course admins with gpedit knowledge can turn off-and-on the feature, thats the general idea of what i look for
thanks for your help
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Just want to ad the i must choose "disable access for admin also in gpedit"
Try using a security policy:
- click start and run
- type gpedit.msc, hit OK
- go to:
User Configuration\Administrati ve Templates\Network\Network and Dial-up Connections
- look for these two objects:
Enable Windows 2000 Network Connections settings for Administrators
Prohibit access to properties of components of a LAN connection
- double-click both objects and change to "Enabled"
- click Apply and close the editor
- I don't think you have to restart (but you might)
Good luck!
- click start and run
- type gpedit.msc, hit OK
- go to:
User Configuration\Administrati
- look for these two objects:
Enable Windows 2000 Network Connections settings for Administrators
Prohibit access to properties of components of a LAN connection
- double-click both objects and change to "Enabled"
- click Apply and close the editor
- I don't think you have to restart (but you might)
Good luck!
Regarding Jemiii's advice, here is copy-paste from "Prohibit access to properties of compontents of a LAN connection" tab:
If you enable this setting (and enable the "Enable Network Connections settings for Administrators" setting), the Properties button is disabled for Administrators. Network Configuration Operators are prohibited from accessing connection components, regardless of the "Enable Network Connections settings for Administrators" setting.
If you enable this setting (and enable the "Enable Network Connections settings for Administrators" setting), the Properties button is disabled for Administrators. Network Configuration Operators are prohibited from accessing connection components, regardless of the "Enable Network Connections settings for Administrators" setting.