This is why it is recommended to give all admins a non-privledge account to log on with and then perform a RunAs and you they're administrative account when they are performing a task that requires it.
If "a limited user accounts can also install a softwares by changing the directory location like C:\", then they are limited enough. Why give non-administrative users write permissions to the root of your system drive? > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Rocky > Sent: Tuesday, February 27, 2007 6:43 AM > To: Richard Medina > Cc: [email protected]; Gregory N Pendergast/AC/VCU; > [EMAIL PROTECTED] > Subject: Re: Prevent users/admin from installing softwares. > > Thank you all for replying. > Actually this is for my client with a small network > that requires not to install anything from the client > station.They are frequently infected by worm/Trojan > viruses because most of them had admin rights. > > A limited user accounts can also install a softwares > by changing the directory location like C:\. > > So if there's no way to restrict this on registry/gpedit > would just recommend to get a 3rd party software. > > Thanks again. > Rocky
