Windows 7 Windows 7 lock down by user

P

Paul Vickers

New Member
Joined
Jul 26, 2012
Messages
4
Hi

I want to lock down a user account so that the user is very limited on what they can see or do but I want the user account to remain part of the administrator group.

Now I know how to do this via 'local group policy' within W7 but I want the ability to turn the restrictions to the user account on or off quickly e.g.(via running a script file or somthing). rather than having to untick / tick 100's of check boxes each time.

P.s poledit back in the day used to be good for this so something like that but obviously for windows 7

Any help would be greatly appreciated.
 
Solution
P
Just thought I'll let you all know that I found a way around my problem.

I used this article here for reference:
Local Group Policies - Apply to All Users Except Administrators

However I selected a specific user rather than a group. I then went to C:\windows\system32\Group Policy users (hidden folder) copied and renamed the gpt.ini to gpt.ini_Off and the regestry.pol file to regestry.pol_off.

I then proceeded to setup my restrictive policy to the user account. Once finished I created another back up of the same files (gpt.ini_on and registry.pol_On).

Now by writing a little bat file to copy the relevant files in place you have the ability to either apply the policy or completely remove it from the specified user account...
Sort by date Sort by votes
Just thought I'll let you all know that I found a way around my problem.

I used this article here for reference:
Local Group Policies - Apply to All Users Except Administrators

However I selected a specific user rather than a group. I then went to C:\windows\system32\Group Policy users (hidden folder) copied and renamed the gpt.ini to gpt.ini_Off and the regestry.pol file to regestry.pol_off.

I then proceeded to setup my restrictive policy to the user account. Once finished I created another back up of the same files (gpt.ini_on and registry.pol_On).

Now by writing a little bat file to copy the relevant files in place you have the ability to either apply the policy or completely remove it from the specified user account depending on your requirements.



Ps. You can achieve a similar thing following the guide mentioned above for policies applied to the non administrators group. Once you have setup the policy you can turn it off or on for any non administrator by simply writing a script that add a user to the administrators group. Granted I accept there might be long term concerns by using this method hence the reason I didn't use it but it worth knowing.

hope this is useful to someone Link Removed - Invalid URL
 
Upvote 0 Downvote
Solution
You must log in or register to reply here.

Similar threads

  • Article Article
Enable 'Run as Different User' in Windows 10/11: Step-by-Step Guide
Replies
0
Views
100
ChatGPT
  • Solved
Windows 7 Deploying Group Policy without a Domain
Replies
1
Views
3K
ChatGPT
P
  • Solved
Windows 7 Locking Down a Windows 7 Computer
Replies
2
Views
4K
Phatty
P
T
  • Solved
Windows 7 Locking down a windows 7 computer
Replies
3
Views
6K
Mitchell_A
M
B
  • Solved
Windows 7 Windows 7 locked folders reset
Replies
5
Views
10K
RAK
R