Navigation section

Windows 7 group policy not applying

T

tunnel15

New Member
Joined
Apr 14, 2012
Messages
8
hello everyone,
I have a windows 7(SP1) peer-peer netwrk at my work place.
In order to block usb write access for users i have created three accounts
superAdmin : Administrator account with no restrictions
localAdmin : Administrator account with removeable disk deny write access policy enabled
user :standard account .
now when i log in to localAdmin write access is denied to usb which is what i want
but when i log into user account which has removeable disk deny write access policy enabled
and try to write to usb, windows elevation prompt comes up and if i enter the local admin name and password it allows me to write to the usb which i do Not want.
BTW my users have the password for local admin to allow software install,this is also something i do not want to change.
Pls help....struggling with these settings for some time now.
thanks in advance. :)
 


Solution
Trouble
Hello and welcome to the forum.
No, I think you have phrased the issues suitably enough.
It just seems that you have yourself between a rock and a hard place. With the normal (default) behavior of the UAC and normal users have the account elevation credentials, I'm not sure you can accomplish what you are attempting.
Try opening the local security policy editor
secpol.msc
Expand Local Policies and Select Security Options
Scroll down to
User Account Control: Behavior for the elevation prompt for standard users
Try changing that from "Prompt for credentials" to "Automatically deny elevation requests" and see how that works.
I am afraid that, that might have a negative impact on normal users when attempting to install software, but it...
Sort by date Sort by votes
i'm surprised no answers frm u guys,let me know if i have to rephrase my question....
 


Upvote 0 Downvote
Hello and welcome to the forum.
No, I think you have phrased the issues suitably enough.
It just seems that you have yourself between a rock and a hard place. With the normal (default) behavior of the UAC and normal users have the account elevation credentials, I'm not sure you can accomplish what you are attempting.
Try opening the local security policy editor
secpol.msc
Expand Local Policies and Select Security Options
Scroll down to
User Account Control: Behavior for the elevation prompt for standard users
Try changing that from "Prompt for credentials" to "Automatically deny elevation requests" and see how that works.
I am afraid that, that might have a negative impact on normal users when attempting to install software, but it might be worth a try.
Regards
Randy
 


Upvote 0 Downvote
Solution
Thank you very much Randy.. for your effort and time..
I've been struggling with this for some time now and i'm beginning to believe that you are right about the rock and a hard place...
anyways i'm going to pursue this some more till i find at least a middle ground and i'll then update this thread...still hoping to find answers from you guys tho coz of my limited experience in IT.:)
 


Upvote 0 Downvote
You must log in or register to reply here.

Similar threads

ChatGPT
  • Featured
  • Article Article
Top 10 Tweaks for Windows 11 Using Group Policy Editor
Replies
0
Views
91
ChatGPT
ChatGPT
B
  • Solved
Allow Non-Admins to Install Printer Driver (Group Policy)
Replies
3
Views
4K
bshort1023
B
J
  • Solved
Group Policy Configuration in Active Directory WS 2022
Replies
2
Views
905
Neemobeer
Neemobeer
Mike
  • Article Article
Windows 11 Windows 11 Insider Preview Build 25295: New Group Policy and User-Friendly Improvements for Enhanced User Experience
Replies
0
Views
3K
Mike
Mike
News
Announcing Windows 11 Insider Preview Build 25145
Replies
0
Views
2K
News
News
Back
Top