Solved

How block installation right of domain user added into local admin group ?

Posted on 2008-10-02
5
1,070 Views
Last Modified: 2013-12-19
 We have some user required admin right to RUN the Software . but same time he breaks some
 Security policy . We want prevent them to installed any software .
only local admin can installed the software.
0
Comment
Question by:Nitinbd80
  • 2
  • 2
5 Comments
 
LVL 18

Accepted Solution

by:
sk_raja_raja earned 200 total points
ID: 22627041
Nitin,

You can do by creating a group policy or a local policy on the machine...Look into Software Restriction Policies  - you can restrict users so that they can only run the applications that you permit,
or you can specifically disallow only certain files or file types

Ref there..

http://www.windowsnetworking.com/articles_tutorials/Software-Restriction-Policies.html
0
 
LVL 11

Expert Comment

by:snoopfrogg
ID: 22629380
Just to clarify:  Is the user a local administrator or not?  
0
 
LVL 18

Expert Comment

by:sk_raja_raja
ID: 22629413
you can add the user in powe user group but assigne permission in software restriction policy to install software.
0
 
LVL 11

Expert Comment

by:snoopfrogg
ID: 22629438
Ah, after re-reading I think I understand.  Nitinbd80, you're saying that you need to grant administrative rights to the user in order for them to run an application.  

Typically you can circumvent granting them local administrator rights by only granting them elevated privileges to the Program Files\Application folder rather than to the whole workstation.  You may also need to grant them elevated privileges to the C:\Windows\Temp folder if the application needs access there.  By only granting them elevated privs to these folders, you avoid the software installation issue that comes with making them local admins.

This isn't ideal for security, but applications shouldn't require end users to be administrators to run in the first place.
0

Featured Post

Three Reasons Why Backup is Strategic

Backup is strategic to your business because your data is strategic to your business. Without backup, your business will fail. This white paper explains why it is vital for you to design and immediately execute a backup strategy to protect 100 percent of your data.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Container Orchestration platforms empower organizations to scale their apps at an exceptional rate. This is the reason numerous innovation-driven companies are moving apps to an appropriated datacenter wide platform that empowers them to scale at a …
PRTG Network Monitor lets you monitor your bandwidth usage, so you know who is using up your bandwidth, and what they're using it for.
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…

830 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question