M
Miha
Hi
We have just implemented SW restriction policies in our local domain.
We set parameters to 'user configuration' to unrestricted, under additional
rules all *.exe,*.com to disallowed and add exclusive paths to programs that
users could open. Also under 'enforcement' I set 'apply sw restriction
policies' to all users EXCEPT LOCAL ADMINS.
After testing with a user that is not in a local admin group everything
worked as is supposed to, but when I add the same user to a local
administrators group the same restrictions were applied to the user even I
set the policy to all users except local admins, so the local admin users
could not run all programs just the same that were set for him through GPO.
Is there any trick or am I doing something wrong?
All the help will be appriciated.
Regards
Miha
We have just implemented SW restriction policies in our local domain.
We set parameters to 'user configuration' to unrestricted, under additional
rules all *.exe,*.com to disallowed and add exclusive paths to programs that
users could open. Also under 'enforcement' I set 'apply sw restriction
policies' to all users EXCEPT LOCAL ADMINS.
After testing with a user that is not in a local admin group everything
worked as is supposed to, but when I add the same user to a local
administrators group the same restrictions were applied to the user even I
set the policy to all users except local admins, so the local admin users
could not run all programs just the same that were set for him through GPO.
Is there any trick or am I doing something wrong?
All the help will be appriciated.
Regards
Miha