Most people think that run dialog in Windows can be easily disabled or enabled by using the Start menu properties. You can right click on the Taskbar, click on properties and then click on the Start Menu tab, click customize, click advanced, and from there you can remove the run dialog from the Start Menu in Windows XP and Vista.
Why it will not work from Taskbar Properties?
However, this is not full proof. Why? Because users can still press Windows' Key+R to open the run dialog. Or they can open Task Manager and click on file, then on to new task (run) to open run dialog box. Additionally they can open Internet Explorer or Windows Explorer and use the address bar as run dialog. No kidding!
Truly disable run Dialog from Start Menu, Internet Explorer/Windows Explorer, and Task Manager
To truly disable run dialog from running or should I say disable users from running any program from command line, do this:
- Start Group Policy Editor. (Start->Run->"gpedit.msc") (Ironically we are using run dialog box!)
- On the left, go to User Configuration->Administrative Templates->Start Menu and Taskbar.
- On the right, enable this setting "Remove run from Start Menu". (see figure below)
If you enable this setting, the following changes occur:
- The Run command is removed from the Start menu.
- The New Task (Run) command is removed from Task Manager.
- The user will be blocked from entering the following into the Internet Explorer Address Bar:
- A UNC path: \\
\ - Accessing local drives: e.g., C:
- Accessing local folders: e.g., \temp>
Users will no longer be able to display the Run dialog box by pressing the Application key (the key with the Windows logo) + R.
If the user tries to open run dialog using any method, he'll get a message saying that the run dialog is disabled by Administrator.
No comments:
Post a Comment