Solved

A way to restrict the installation of Live Messenger

Posted on 2008-10-10
9
277 Views
Last Modified: 2012-06-21
Is there a way to restrict the installation of Windows Live Messenger and other programs like that?
Is there a registry entry that I can push down through a login script or gpo that would disable it?
0
Comment
Question by:johnbowden
  • 6
  • 3
9 Comments
 
LVL 31

Expert Comment

by:Paranormastic
ID: 22690474
Written against Win2k, but still valid.  This will work for pretty much any program.
http://support.microsoft.com/kb/323525
0
 
LVL 31

Expert Comment

by:Paranormastic
ID: 22690522
You might also want to look at your firewall to handle tricky users that use non-MS products that also use MSN services, such as trillain chat program.  Here's the down and dirty on what you need to now for that:
http://support.microsoft.com/kb/927847
You can google the app service name and "TCP AND OR UDP ports" (e.g. AIM TCP AND OR UDP ports) and that should get you in the right direction as well.  If people complain too much about not having a chat, a good internal-only app is Microsoft Communicator, which integrates with Office.
0
 
LVL 8

Expert Comment

by:TDKD
ID: 22692356
You can disable it from running by way of GPO. I have not tried to disable installation though; I will work on that and get back to you. If I were to guess I would say it is possible through GPO as well.
DoNotAllowWindowsMessenger.JPG
0
Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

 
LVL 8

Accepted Solution

by:
TDKD earned 125 total points
ID: 22692530
If the computers in question are on a domain? Then you should set your DHCP server to forward the following:

Here is what you should add to the users host file, obviously I blocked a whole lot more then Messenger so you can remove the other entry's. At the firewall level I just added the ip addresses of all the pages I configured at the host file, in case user's try to open these pages using the direct address. The reason I configured at the host level is because these ip addresses sometimes change, so this will block the name and the ip)

127.0.0.1 www.e-messenger.net 
127.0.0.1 www.iloveim.com 
127.0.0.1 www.msnger.com 
127.0.0.1 messenger.msn.com
127.0.0.1 messenger.yahoo.com
127.0.0.1 webmessenger.msn.com
127.0.0.1 mob.e-messenger.net
127.0.0.1 harare.e-messenger.net
127.0.0.1 wap.e-messenger.net
127.0.0.1 boston.e-messenger.net
127.0.0.1 hongkong.e-messenger.net
127.0.0.1 houston.e-messenger.net
127.0.0.1 bangkok.e-messenger.net
127.0.0.1 hongkong.e-messenger.net
127.0.0.1 e-messenger.net
127.0.0.1 start.e-messenger.net
127.0.0.1 macau.e-messenger.net
127.0.0.1 tokyo.e-messenger.net
127.0.0.1 chicago.e-messenger.net
127.0.0.1 washington.e-messenger.net
127.0.0.1 orlando.e-messenger.net
127.0.0.1 homer.e-messenger.net
127.0.0.1 www.hotmail.com 
127.0.0.1 mail.yahoo.com
127.0.0.1 www.msn2go.com 
127.0.0.1 www.msn2go.com 
127.0.0.1 www.onlinemessenger.nl 
127.0.0.1 www.wbmsn.net 
127.0.0.1 www.e-messenger.cl 
127.0.0.1 www.msnanywhere.com 

0
 
LVL 8

Expert Comment

by:TDKD
ID: 22692555
Sorry, the DHCP bit was confusing (I am very tired). I began to speak to DHCP but then went on about Host files and Firewall settings...lol
0
 
LVL 31

Expert Comment

by:Paranormastic
ID: 22713332
Last I remember restricting Windows Messenger (the one listed in GPO by name) only handles the default installation if it was checkmarked to install with Windows.  I believe that this does not cover MSN Messenger or Live Messenger, even though they all connect to the same service.  Again, since there are so many 3rd party utilities, you might want to look into blocking at the firewall as well.
0
 
LVL 8

Expert Comment

by:TDKD
ID: 22713358
I hate it when people use "Again" in statements, you just never know how to read them?? If you can work with the network Admin, I am sure he can block this traffic.
0
 
LVL 8

Expert Comment

by:TDKD
ID: 22713404
I do like Paranormastic's first reply to this question. It seems that may be your best bet, if you can work with the Active Directory Admin to restrict this program by way of GPO, and possibly use of a logon script with certain registry entries.
0
 
LVL 8

Expert Comment

by:TDKD
ID: 22713424
This way the user's laptops, when off site should hold the local policy settings that were changed by the GPO and of course the Registry settings remain intact regardless of location.
0

Featured Post

VMware Disaster Recovery and Data Protection

In this expert guide, you’ll learn about the components of a Modern Data Center. You will use cases for the value-added capabilities of Veeam®, including combining backup and replication for VMware disaster recovery and using replication for data center migration.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Months ago my boss came to me with a simple request, “How can we minimize GoTo meeting accounts and also improve our integration and collaboration initiatives?”  Well the answer, with some research, was easy… Lync.  Lync provided us all the necessar…
Learn about cloud computing and its benefits for small business owners.
The goal of the tutorial is to teach the user how to instant message and make a video call in Skype.
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…

831 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question