Link to home
Start Free TrialLog in
Avatar of maryam_adnan
maryam_adnan

asked on

Deny user in domain from install any program or VPN application.

Hello,

Please I have domain controller with windows server 2008R2 and all user join this domain all user have windows 7 OS. How I can deny them from install any application. All user have user authority and that deny them from install some application but they still they can install another application which do not need administration authority like VPN application (ultrasurf, hotshpot shield...etc),google chrome or any tool bar

I want to deny them from install anything (application, tool bar..etc)

Regards
ASKER CERTIFIED SOLUTION
Avatar of John
John
Flag of Canada image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of maryam_adnan
maryam_adnan

ASKER

Hello,
Please use standard user do not solve the problem. Because there are many application can install without need administrator privilege like (ultrasurf, hotshpot shield..etc ). In addition, tool bar.

I need to done this from server

Regards
SOLUTION
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Hello,

Thank you for your reply. Prevent in control panel will not prevent user from add (VPN application). I try to use mandatory profile. I prohibited all control panel but this not solve problem. they still able to install hotshpot shield and other program like that.

Any Idea will help me

Regards
VPN must be Microsoft VPN, because NONE of my clients can install NCP IPsec. It cannot happen.

So what programs are allowed that are problems?

The only thing I see is the occasional toolbar for IE, and while I do not like them, they are harmless for the most part.

You make it sound like anything and everything can be installed and that is not true in my client machines.
Hello,

Thank you for your reply. No, . Actually I want to deny application like ultrasurf, hotshpot shield. the other application is denied by Group Policy

Regards
Some people use DNS Redirector to block all the proxy / anonymizer websites / VPN .

DNS Redirector is at http://dnsredirector.com/

You may need to use something like this.

You also need a Company Policy that precludes the use of these things and enforces disciplinary measures on people caught.

My clients do not have time for theses things and I do not see them.
I have done some more looking and really you need to block the sites it uses for setting up data transmissions.
Hello,
I check this website https://forums.opendns.com/comments.php?DiscussionID=17357 for openDNS and it show that open DNS also can not block hotspot.

Please any other way can help to accomplish this job

Regards
Apparently the only way you can stop this is by blocking the IP addresses used by Hotspot Shield. It is apparently a simple program (which is why it installs) and uses web VPN services.

You DO need a Company Policy that expressly forbids its use and provides disciplinary action if the product is found.
SOLUTION
Avatar of McKnife
McKnife
Flag of Germany image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
@maryam_adnan - Thank you and I was happy to help. Hotspot Shield is a natty problem.