G
Guest
We currently use group policy to set screen saver settings such as executable
name, password protect the screen saver, and screen saver timeout. This is
particularly important for our traveling sales people. They are set up as
local administrators in order to run custom software that we develop.
I happened to be doing some service on one of our sales laptops, and found
that one of them had edited the registry
(HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Control Panel\Desktop)
to circumvent the timeout. I wish to lock this down further with
permissions, but am unsure of the best way to go about it.
Is there a way to publish a local registry permission so only Domain Admins
can modify?
name, password protect the screen saver, and screen saver timeout. This is
particularly important for our traveling sales people. They are set up as
local administrators in order to run custom software that we develop.
I happened to be doing some service on one of our sales laptops, and found
that one of them had edited the registry
(HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Control Panel\Desktop)
to circumvent the timeout. I wish to lock this down further with
permissions, but am unsure of the best way to go about it.
Is there a way to publish a local registry permission so only Domain Admins
can modify?