Prevent registry changes by users
Posted
by
graf_ignotiev
on Super User
See other posts from Super User
or by graf_ignotiev
Published on 2012-06-04T22:19:20Z
Indexed on
2012/06/04
22:42 UTC
Read the original article
Hit count: 312
Background: I run a small computer lab of 10 computers using Windows 7 x64 Enterprise. Our users are set up as limited users. For additional restrictions, I set up local group policy for non-administrators using the microsoft management console.
Problem: Recently, I found out that some of these restrictions had been removed. Reviewing the settings MMC and in ntuser.pol showed that the settings should still be in place. However, the related registry settings were missing in ntuser.dat. I already have registry editing disabled in the GPO (though not in silent mode).
Question: What is the best way to deal with this situation? Should I look into preventing registry setting changes? Should I set up registry auditing to found out how these keys are getting changed in the first place? Or should I give up the ghost and write some kind of logon script that enforces registry values if they've been change? Any other ideas?
© Super User or respective owner