Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1091
  • Last Modified:

Disable "New>Shortcut" using Group Policy

Hello, I have tired looking on google for information on this but with no success.

I want to be able to lock down certain user accounts in Group Policy to disable the ability of creating short cuts from the file menu and by right clicking. We have important hard drives hidden, however to get past this users are creating short cuts to the c: drive etc.

So ideally I was looking for a solution using group policy to disable the ability of creating new shortcuts. Any ideas?
0
alumwell
Asked:
alumwell
  • 3
  • 2
2 Solutions
 
udaya kumar laligondlaTechnical LeadCommented:
any one can access the files even if you block creation of the shortcut if they have access. one way is to remove the groups from the drive's security list(using the security tab of the properties) this will help you to implement all kinds of controls you want to impose for the group.
0
 
alumwellAuthor Commented:
I still dont mind them viewing the drive, they cant alter anything, however they can see network drives which store login scripts and security so I wish them not been able to view files like that.
0
 
udaya kumar laligondlaTechnical LeadCommented:
if the drive is local (C:,D: etc)on the machine you can change the security settings of the drive to make the files not accssible, they can view the drive but can not browse the files.
if the drive is a network share(\\targetmachine\C$" mapped as drive then it is difficult to stop them from viewing the file, once you map the drive you will not be able to set the security settings for the same
0
Who's Defending Your Organization from Threats?

Protecting against advanced threats requires an IT dream team – a well-oiled machine of people and solutions working together to defend your organization. Download our resource kit today to learn more about the tools you need to build you IT Dream Team!

 
alumwellAuthor Commented:
Its not a local drive its a network drive. However it is not mapped. The login script is called which is stored on the network drive. If there is an error on the login script it will display a message along with the location of the file. Now most users wont think another thing of it, however there are some users of our network who go out of their way to hack and break into stuff. I would like to prevent this from happening
0
 
dwarner8Commented:
On your network drive. Make sure your have NTFS permissions and set the security to allow users only the right to read. Right click on the drives properties, go to the security tab, and make sure your users can read only.
0
 
alumwellAuthor Commented:
It has fixed the current problem but not prevented users from creating short cuts
0

Featured Post

Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now