Solved

Restricting AD Users for accessing some programs

Posted on 2009-07-13
8
200 Views
Last Modified: 2012-05-07
We are running Windows 2003 Active Directory. We want to allow access to a specific program to some particular users using Group Policy. If users go to Start --> Programs or Start --> All Programs, that particular application will be available to them and other applications will be invisible to them.

Is it possible to do so with Active Directory Group Policy?
0
Comment
Question by:hchabria
  • 4
  • 2
  • 2
8 Comments
 
LVL 23

Expert Comment

by:rhandels
ID: 24838084
Hey,

Not this is not possible i'm afraid.. At least not with policies... There is another way of doing this, i;ve done that trick in a Terminal Server Environment..
Make sure to redirect the start menu to a specified place on thier home drive, create a source folder with all applications and shortcuts in it and, when users start up, use robocopy (or at least a good copieng tool) to copy only those files users have permissions on. This way you can change the start menu for a user when logging in..

Not quite sure if you need to delete the default user and all user's start menu folder..
0
 
LVL 70

Expert Comment

by:KCTS
ID: 24838094
You can use a software restriction group policy and permit them to use only the specified program(s). You will need to organise the users into an OU, then apply the software restriction policy to that OU

See http://support.microsoft.com/kb/324036
0
 
LVL 23

Accepted Solution

by:
rhandels earned 250 total points
ID: 24838116
Yeah, but that will only block the applications from being used and it will also give the user an error which isn;t quite user friendly tbh, it will not remove the shortcuts from the start menu.. But if you would like to be able to disable applications from being used, then yes this is an option..
0
 

Author Comment

by:hchabria
ID: 24838190
OK. Can I hide "Programs" menu which comes under "Start" menu? Using Group Policy I can hide "All Programs", but not able to hide "Programs".
0
Enterprise Mobility and BYOD For Dummies

Like “For Dummies” books, you can read this in whatever order you choose and learn about mobility and BYOD; and how to put a competitive mobile infrastructure in place. Developed for SMBs and large enterprises alike, you will find helpful use cases, planning, and implementation.

 
LVL 23

Expert Comment

by:rhandels
ID: 24838198
For as far as i know it is not possible, might be i'm mistaking off course.. :)
0
 
LVL 70

Assisted Solution

by:KCTS
KCTS earned 250 total points
ID: 24838231
If you want them to se only the programs that you specify then you need to build them a profile only the desired programs see http://www.vssbusinesssolutions.com/HelpDesk/KB/a15/how-to-create-a-custom-default-user-profile.aspx
0
 

Author Comment

by:hchabria
ID: 24838427
If Group Policy does not work then it is better to use Software Restriction Policy.

I have enabled Software Restriction Policy and restricted Notepad.exe using the following document (URL is given), but users are still able to access Notepad. Am I using correct procedure?

http://windowsitpro.com/article/articleid/97128/how-do-i-use-group-policy-to-block-a-specific-application.html
0
 
LVL 23

Expert Comment

by:rhandels
ID: 24838611
Did you update the policy for those users?? Log in, go to start --> run and type gpupdate /force.
Also, you can use the GPMC (Group olicy Management Console) and do a RSOP to see if the policy is active on their machines..
0

Featured Post

VMware Disaster Recovery and Data Protection

In this expert guide, you’ll learn about the components of a Modern Data Center. You will use cases for the value-added capabilities of Veeam®, including combining backup and replication for VMware disaster recovery and using replication for data center migration.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

On July 14th 2015, Windows Server 2003 will become End of Support, leaving hundreds of thousands of servers around the world that still run this 12 year old operating system vulnerable and potentially out of compliance in many organisations around t…
Learn about cloud computing and its benefits for small business owners.
Internet Business Fax to Email Made Easy - With  eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, f…
Hi friends,  in this video  I'll show you how new windows 10 user can learn the using of windows 10. Thank you.

910 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now