I need to disable access to a windows desktop application rather quickly. I was looking for input in regards to how others do this ?
How i am currently doing it is via a GPO. I am blocking the EXE from being run in its location. The problem is it takes forever for 250 pc's to get hit with this.
What i do is :
- One hour before lockout I put the PC's in the OU with the Blockout GPO applied.
- at time of lockout I reboot the pc's
They do not all seem to get hit with it.. ie locked out of the app.
We are VMware view.. these are virtual desktops.. and we use an app called Unidesk to push out our applications / base image.
Accounting needs our accounting App inaccessible to everyone for year end / month end. However people scream if they are not allowed into it up until the last moment.
i.e. I can not turn off access and deny the app the night before.
The GPo i currently use Eventually works.. however You need to keep the pc turned off for quite a while.
MY process works fine If there is just ONE pc ( mine ).. however when I up this to 250 machines it's not so fast.
I was just wondering if anyone ever needs to lockout access to an app very quickly.. and how THEY do it.
thanks much !