Archived from groups: microsoft.public.win2000.group_policy (
More info?)
The best solution by far is to upgrade to XP Pro computers and user Software
Restriction Policies as described in the link below.
http://support.microsoft.com/?kbid=310791
It is much more difficult for Windows 2000 computers. To start with do not let
regular users be power users or local administrators unless absolutely necessary and
if you do you really can not restrict what they do. Keep in mind it is very easy for
any user who can boot from a floppy, cdrom, etc [anything but the system hard drive]
to become an administrator on the computer by resetting the local administrators
password with widely available free utilities. USB ports are another problem.
For regular users you can populate the disallowed Windows applications list after you
read the full explanation on what it does and also consider disabling the command
prompt and registry editing. You may also want to add install.exe, setup.exe,
msiexec.exe, and command.com to the disallowed list. You can also use Group Policy
to configure Internet Explorer Web Content Zones to prevent downloads from
unauthorized or any websites. A firewall that controls outbound access can also be
helpful by curbing the use of unauthorized internet applications such as chat
programs and file swappers.--- Steve
http://support.microsoft.com/default.aspx?scid=kb;en-us;323525 -- how to use Group
Policy to restrict specific applications
"Jignesh Soni" <jsoni@onsitetechnology.com> wrote in message
news:1e2af01c454a2$df761730$a001280a@phx.gbl...
> How can I setup policies for all/few users/computers in
> the domain to restrice installation of any or some
> softwares ?? I have many users in the domain installing
> all junk software which corrupts their computer in some or
> the other ways.
>
> Please also reply to me email:
> jsoni@onsitetechnology.com
>
> Thanks in Advance