Ask the Expert

Users having unauthorized administrative privileges

I came across something recently that I found a little troublesome: 99% of my users are logging into Windows 2000 terminal servers with roaming profiles. I have my Group Policy configured so that they are not allowed to save downloads from the Internet, but if they choose the Open option instead of Save, a user is able to install a downloaded program from the Internet, without having to save it anywhere first. I have my Group Policy configured so that my users do not have the privileges to install applications, also.

Am I totally missing something here? Is there a simple policy setting to disable the Open option that I just overlooked?

    Requires Free Membership to View

This can typically be directed back to the fact that you are allowing the users to be administrators on the box, even in the Terminal Services session. If they are not administrators, they should not be able to install most of these applications. If all of these applications are add-ons, there are new controls for add-ons in the Group Policy settings for Windows XP SP2 and greater. I can't find any setting myself that can control the Open vs. Save issue that you are talking about.

This was first published in November 2005

There are Comments. Add yours.

TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: