The only people who access it via Remote Desktop (RDP) are 2 administrators.
I have no standard 'users' to worry about :)
Anyway, here is how I've disabled group policy for my domain.
On a Domain Controller (or other server with Policy Management tools installed) >
- Navigate to Start > Administrative Tools > Group Policy Management
- Find the domain policy (in my case 'Default Domain Policy'), right click and 'edit'.
- Navigate to the UAC settings located here -
Computer Configuration > Policies > Windows Settings > Security Settings > Local Policies > Security Options - Change settings as follows >
User Account Control: Admin Approval Mode for the Built-In Administrator Account > Enabled
User Account Control: Behavior of the elevation prompt for administrators in Admin Approval Mode > Elevate without Prompting
User Account Control: Detect application installations and prompt for elevation > Disabled
User Account Control: Run all users in Admin Approval Mode > Disabled
No comments:
Post a Comment