GPO / Registry Help

garyh

garyh

garyh

Associate
Joined
16 Mar 2005
Posts
845
Hi

I'm just wondering if anybody knows how to disable the ability to delete / rename / add items to the desktop in an Active Directory environment either using Group Policy or a registry hack... I've looked everywhere but I can't seem to find the right settings to enable this correctly.. the desktops are not running Active Desktop btw.

Many thanks in advance.
 
I created a desktop GPO at work last year, and i did manage to do this, however my mind has gone blank at the moment. I will have a look at the GPO tomorrow and post the solution. It is fairly simple from what i can remember. I think it was something along the lines of pointing the user desktop environment within the GPO to a read only directory. This prevented any desktop modification by the user.....
 
Last edited:
rob5ta said:
I created a desktop GPO at work last year, and i did manage to do this, however my mind has gone blank at the moment. I will have a look at the GPO tomorrow and post the solution. It is fairly simple from what i can remember. I think it was something along the lines of pointing the user desktop environment within the GPO to a read only directory. This prevented any desktop modification by the user.....
Click to expand...

Yeah you can do folder redirection to redirect the desktop to a server share.

User Configuration -> Windows Settings -> Folder Redirection
 
oddjob62 said:
Yeah you can do folder redirection to redirect the desktop to a server share.

User Configuration -> Windows Settings -> Folder Redirection
Click to expand...

Yeah cheers oddjob, thats the one!!

garyh, just do as oddjob pointed out - create a read only directory on a server share and redirect the desktop location. Voila, they should get an access denied message when they try to save/modify anything on their desktop. Simple as that ;)
 
You must log in or register to reply here.
Back
Top Bottom