Jump to content

how to disable renaming of files

Marx

By Marx
in Windows XP

 Share

Recommended Posts

Marx

Marx

Posted
Posted

Hi,

we got a policy implemented in our network that only allows certain apps to run.

Users are getting around it by renaming the disallowed app to something that's on the allowed list (e.g. notepad.exe).

Is there a way to prevent users from renaming files in a certain directory?

Thank you,

Matthias


Redhatcc

Redhatcc

Posted
Posted

yep,

if by chance it is running fat32 just run convert.exe, convert the file system.

ntfs has permissions that allow access but not read/write.

MrJinje

MrJinje

Posted
Posted (edited)

I am under the assumption this is a work type thing, and the OP might not be able to simply lock the folder, employee's usually need some form of write access. Not to mention the number of employee's who have local admin rights and can simply unlock the folder if they wanted to.

So while we cannot stop them from renaming the .exe in all cases, they probably cannot change it's Window Title. You could add this script to logon via group policy and it will run silently all day, preventing any windows from opening with that App's title. No idea what app we are talking about, so here is a sample that kills VMware, adjust as necessary.

Prevent_VMware.vbs

Set WshShell = Wscript.CreateObject("WScript.Shell")
Do While Not Wshshell.AppActivate ("VMware Workstation")
Wscript.sleep 1000
Loop
Wshshell.AppActivate "VMware Workstation"
Wshshell.SendKeys "%{F4}"

EDIT: Actually, this would only prevent the first VMware window and then quit, you would need to be re-write something that would stay running longer. But you get the idea.

Edited by MrJinje
Tripredacus

Tripredacus

Posted
Posted

There are many ways to stop this, but generally, if you have employees in your company that are not obeying corporate policy, no amount of IT fixes are going to help you. This is one of those situations where there is also a business answer.

Marx

Marx

Posted
  • Author
Posted

I am under the assumption this is a work type thing, and the OP might not be able to simply lock the folder, employee's usually need some form of write access. Not to mention the number of employee's who have local admin rights and can simply unlock the folder if they wanted to.

So while we cannot stop them from renaming the .exe in all cases, they probably cannot change it's Window Title. You could add this script to logon via group policy and it will run silently all day, preventing any windows from opening with that App's title. No idea what app we are talking about, so here is a sample that kills VMware, adjust as necessary.

Prevent_VMware.vbs

Set WshShell = Wscript.CreateObject("WScript.Shell")
Do While Not Wshshell.AppActivate ("VMware Workstation")
Wscript.sleep 1000
Loop
Wshshell.AppActivate "VMware Workstation"
Wshshell.SendKeys "%{F4}"

EDIT: Actually, this would only prevent the first VMware window and then quit, you would need to be re-write something that would stay running longer. But you get the idea.

Thank you for the script. I'll have a closer look at it.

Matthias

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...