Marx Posted March 10, 2010 Share Posted March 10, 2010 Hi,we got a policy implemented in our network that only allows certain apps to run.Users are getting around it by renaming the disallowed app to something that's on the allowed list (e.g. notepad.exe).Is there a way to prevent users from renaming files in a certain directory?Thank you,Matthias Link to comment Share on other sites More sharing options...
allen2 Posted March 10, 2010 Share Posted March 10, 2010 If they don't have the ntfs right to write/modify in this folder, they won't be able to rename a file. Link to comment Share on other sites More sharing options...
Redhatcc Posted March 11, 2010 Share Posted March 11, 2010 yep, if by chance it is running fat32 just run convert.exe, convert the file system. ntfs has permissions that allow access but not read/write. Link to comment Share on other sites More sharing options...
MrJinje Posted March 11, 2010 Share Posted March 11, 2010 (edited) I am under the assumption this is a work type thing, and the OP might not be able to simply lock the folder, employee's usually need some form of write access. Not to mention the number of employee's who have local admin rights and can simply unlock the folder if they wanted to.So while we cannot stop them from renaming the .exe in all cases, they probably cannot change it's Window Title. You could add this script to logon via group policy and it will run silently all day, preventing any windows from opening with that App's title. No idea what app we are talking about, so here is a sample that kills VMware, adjust as necessary.Prevent_VMware.vbsSet WshShell = Wscript.CreateObject("WScript.Shell")Do While Not Wshshell.AppActivate ("VMware Workstation")Wscript.sleep 1000LoopWshshell.AppActivate "VMware Workstation"Wshshell.SendKeys "%{F4}"EDIT: Actually, this would only prevent the first VMware window and then quit, you would need to be re-write something that would stay running longer. But you get the idea. Edited March 11, 2010 by MrJinje Link to comment Share on other sites More sharing options...
Tripredacus Posted March 11, 2010 Share Posted March 11, 2010 There are many ways to stop this, but generally, if you have employees in your company that are not obeying corporate policy, no amount of IT fixes are going to help you. This is one of those situations where there is also a business answer. Link to comment Share on other sites More sharing options...
Marx Posted March 11, 2010 Author Share Posted March 11, 2010 I am under the assumption this is a work type thing, and the OP might not be able to simply lock the folder, employee's usually need some form of write access. Not to mention the number of employee's who have local admin rights and can simply unlock the folder if they wanted to.So while we cannot stop them from renaming the .exe in all cases, they probably cannot change it's Window Title. You could add this script to logon via group policy and it will run silently all day, preventing any windows from opening with that App's title. No idea what app we are talking about, so here is a sample that kills VMware, adjust as necessary.Prevent_VMware.vbsSet WshShell = Wscript.CreateObject("WScript.Shell")Do While Not Wshshell.AppActivate ("VMware Workstation")Wscript.sleep 1000LoopWshshell.AppActivate "VMware Workstation"Wshshell.SendKeys "%{F4}"EDIT: Actually, this would only prevent the first VMware window and then quit, you would need to be re-write something that would stay running longer. But you get the idea.Thank you for the script. I'll have a closer look at it. Matthias Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now