Alun Hughes wrote:
> Wow thats Awsome Darryl Im deffinatly gonna talk about putting this into
> affect for the domain. But i just have one concern our policy for users does
> not allow them to install software will they still be allowed to install the
> addons?
Alun,
If the users in question already have limited user rights, the majority
of the software out there will not allow them to install anyway w/o
adminstrative rights. You will still have to manage the add-ons as they
become available. You can give the users the right to manage if you'd
like. But, would you really WANT TO do that? Part of this deployment is
proper planning. YOU as the tech, or you as the group of tech's
responsibility is to test this in a lab environment before you approve
it for production. It is in the list of options that I pointed you,
somewhere, I don't know where exactly, but I do remember seeing it.
>
> "Darryl" wrote:
>
> > Well, In most organizations that are in domain environment/setups they
> > have GPO's linked to certain OU's. If you have something like this in
> > your org., browse to the OU that holds the GPO and Right click, go to
> > Properties, then go to the Group Policy tab.
> > >From there, browse to the path I gave you earlier, and that will get
> > you started.
> >
> > Or, you can create your OWN OU (recommended) and start fresh, that way
> > it won't interfere with any existing GPO or policys. It is also
> > recommended to NOT mess with the default domain policy. Just leave it
> > be, and create your own.
> >
> > Let me know if that gives you the information you need.
> >
> > HTH
> >
> > Alun Hughes wrote:
> > > Thanks Darryl! I have tried allowing them into trusted zones but the computer
> > > settinsg stop these user from installing software! I am interested In your
> > > second suggestion though im just not sure were I am able to add this in could
> > > you give me more information on this CLSID?
> > >
> > > "Darryl" wrote:
> > >
> > > >
> > > > Alun Hughes wrote:
> > > > > Hello folks thanks for taking the time to read this post.
> > > > >
> > > > > First of a certain web based product we use for gathering real estate
> > > > > listings requires active x plugings our GPO stops users from installing there
> > > > > own software cause as you know when you let people do that you get all the
> > > > > nasty spy and malware. So my question is can I set a GPO to only allow active
> > > > > X controles for the particular url of our application while still disallowing
> > > > > active x from the rest of the web!
> > > > >
> > > > > Here is my task:
> > > > >
> > > > > With our situation, I'd like you to research a way for the users on the
> > > > > shared computers to freely download Active X controls for MLXchange only. I
> > > > > do want to continue to stop them from downloading the controls for other
> > > > > sites since that's how some of those computers became full of spyware before.
> > > >
> > > > What about adding the site you want them to access under the GPO for
> > > > the trusted sites list?
> > > >
> > > > Or, just find the CLSID and add it under Computer
> > > > Configuration>Administrative Templates>Windows Components>Internet
> > > > Explorer>Security Features>Add Management>Add-on List.
> > > >
> > > >
> >
> >
|
Similar Threads
