2003 Terminal Server (App Mode)
2003 Domain Controller


I have made and OU Remote_Users. These users have to have a very limited desktop. I have accomplished all objectives except one. Internet Explorer is available no matter through somewhat of a back door. IE cannot be launched using traditional methods.
What I found is that when I go to the "View" option in windows explorer and than down to "goto" , I can hit homepage and poof theirs full blown IE again.

Policys Ive already Implemented: (All Under User Settings)

Admin Templates - System - Do not run specified windows applications ( I specified iexplore.exe )

What I did for now is made a bogus proxy that they cant change. Works well but seems like a hack to me.

I also disabled their access to cmd.exe just in case, for some strange reason IE is being run from another process than windows explorer like cmd.exe which I higly doubt.

I would love any suggestion to permanantly disable or maybe to remoce acccess to the "goto" option under "View"

I appreciate any feedback.
0 Comments   [ - ] Hide Comments


Please log in to comment

Rating comments in this legacy AppDeploy message board thread won't reorder them,
so that the conversation will remain readable.
Answer this question or Comment on this question for clarity


Why not use software restriction on this one?
Answered 08/01/2005 by: AngelD
Red Belt

Please log in to comment
Yea, thats probably the answer, Unfortunately im not to familiar with that feature. I know its a powerful tool, but I have not worked with it much. I will play with it and see if I can figure it out and post back.

Answered 08/03/2005 by: VectroMike
Yellow Belt

Please log in to comment
Is it MSIE that bothers you, or is it internet access that you want to restrict?
If it's the latter one, see if modifying routing tables can come to your help...
Answered 08/03/2005 by: revizor
Third Degree Blue Belt

Please log in to comment