Archived from groups: microsoft.public.win2000.security (
More info?)
If you can not modify the application permissions to run as a regular user
which usually are permissions to the application folder, registry key in
local machine, and/or all users profile then your options are to use
Software Restriction Policies on XP Pro computers only or to look at the
Group Policy options under user configuration/administrative
templates/system for do not run these Windows applications or run only these
Windows applications. It can help to add install.exe and setup.exe to the
disallowed Windows applications list. Another option is a strict computer
user policy with stated consequences. --- Steve
"Nick" <Nick@discussions.microsoft.com> wrote in message
news:381B28E0-3911-4159-B222-DDA2B24DC5E3@microsoft.com...
> There are many appliacations in my environment that require users to be
> members of the "Power Users" group.
>
> How can I lock down these users so that they cannot install unapproved
> software?