09/23/2009 2447 views
I have to do a package to install an application for a PC with WinXP and anything else. The idea is of doing the unattended/silent installation and then to form many things on the O.S., such as to disable any attempt of manual installation, to disable the access to the local disc, to eliminate RUN from the start menu, and many other things that we might do with Group Policies or with AD. But I have to do this across a MSI, may be with CA or I don't know how because there is no AD and nobody can be going to every PC to install it.
Have you some idea?
0 Comments   [ + ] Show comments


Rating comments in this legacy AppDeploy message board thread won't reorder them,
so that the conversation will remain readable.

All Answers

I've never tried it but, since policies ends up in a bunch of registry settings, you could try simply setting those entries. For example, to disable the 'Run' Start menu item http://www.pctools.com/guides/registry/detail/151/

Remember that, true to Microsoft's inconsistent approach to consistency, some entries will be in [HIVE]\Software\Microsoft\Windows\CurrentVersion\Policies but others in [HIVE]\Software\Policies
Answered 09/23/2009 by: VBScab
Red Belt

Wouldn't you be best off creating and applying a security template using secedit.exe?

You can still apply it via CA if you have to use an MSI...


Answered 09/23/2009 by: MSIPackager
3rd Degree Black Belt