/build/static/layout/Breadcrumb_cap_w.png

Set Local policies trough a MSI

Hi,
I have to do a package to install an application for a PC with WinXP and anything else. The idea is of doing the unattended/silent installation and then to form many things on the O.S., such as to disable any attempt of manual installation, to disable the access to the local disc, to eliminate RUN from the start menu, and many other things that we might do with Group Policies or with AD. But I have to do this across a MSI, may be with CA or I don't know how because there is no AD and nobody can be going to every PC to install it.
Have you some idea?
Asked 14 years ago 2480 views
0 Comments   [ + ] Show comments

Answers (2)

Posted by: anonymous_9363 14 years ago
Red Belt
0
I've never tried it but, since policies ends up in a bunch of registry settings, you could try simply setting those entries. For example, to disable the 'Run' Start menu item http://www.pctools.com/guides/registry/detail/151/

Remember that, true to Microsoft's inconsistent approach to consistency, some entries will be in [HIVE]\Software\Microsoft\Windows\CurrentVersion\Policies but others in [HIVE]\Software\Policies
Posted by: MSIPackager 14 years ago
3rd Degree Black Belt
0
Wouldn't you be best off creating and applying a security template using secedit.exe?

You can still apply it via CA if you have to use an MSI...

microsoft.com/resources/documentation/windows/xp/all/proddocs/en-us/secedit_cmds.mspx?mfr=true

Cheers,
Rob.
Rating comments in this legacy AppDeploy message board thread won't reorder them,
so that the conversation will remain readable.
 
This website uses cookies. By continuing to use this site and/or clicking the "Accept" button you are providing consent Quest Software and its affiliates do NOT sell the Personal Data you provide to us either when you register on our websites or when you do business with us. For more information about our Privacy Policy and our data protection efforts, please visit GDPR-HQ