G
Guest
Hello. I'm trying to use Windows XP as the OS in a school for public-use computers in a lab. I'll be giving domain accounts to all the students. All of them will be able to the lab computer using their account and, so far, looks like they'll be in the Users group
My problem is that I see that the Users group can run regedit (or any other registry utility) and change permissions for keys they don't own, like HKLM and HKCR. A user can change permissions to allow himself full-control of the key. I want users to do whatever they want with HKCU only (HKU\username) but not others nor HKLM and derivates (including HKCR)
Can someone help me or point me to the right direction? Thank you.
My problem is that I see that the Users group can run regedit (or any other registry utility) and change permissions for keys they don't own, like HKLM and HKCR. A user can change permissions to allow himself full-control of the key. I want users to do whatever they want with HKCU only (HKU\username) but not others nor HKLM and derivates (including HKCR)
Can someone help me or point me to the right direction? Thank you.