DESKTOP

Windows Server 2003 : Implementing Software Restriction Policies (part 3) - Implementing Software Restriction Policies - Creating a Certificate Rule, Creating an Internet Zone Rule

12/2/2013 2:40:52 AM
6.3 Creating a Certificate Rule

Create a certificate rule to automatically trust software from a trusted source in a domain without prompting the user or to run files in disallowed areas of your operating system. Certificate rules can be applied to scripts and Windows Installer packages. They do not apply to files with .exe or .dll filename extensions.

To create a certificate rule, complete the following steps:

1.
Access the Group Policy Object Editor console for a GPO.
2.
In the Group Policy Object Editor console, click Computer Configuration, double-click Windows Settings, double-click Security Settings, and then double-click Software Restriction Policies.
3.
Right-click Additional Rules, and then click New Certificate Rule.
4.
In the New Certificate Rule dialog box, shown in Figure 2, click Browse and then select a certificate.
Figure 2. The New Certificate Rule dialog box
5.
In the Security Level list, select one of the following:

  • Disallowed, which does not allow the software to run, regardless of the access rights of the user who is logged on to the computer

  • Unrestricted, which allows software to run with the full rights of the user who is logged on to the computer

6.
Type a description for this rule, and then click OK.
6.4 Creating an Internet Zone Rule

Create an Internet zone rule to identify software from a zone that is specified through Internet Explorer. Zone rules apply only to Windows Installer packages.

To create an Internet zone rule, complete the following steps:

1.
Access the Group Policy Object Editor console for a GPO.
2.
In the Group Policy Object Editor console, click Computer Configuration, double-click Windows Settings, double-click Security Settings, and then double-click Software Restriction Policies.
3.
Right-click Additional Rules, and then click New Internet Zone Rule.
4.
In the New Internet Zone Rule dialog box, shown in Figure 3, select a zone from the Internet Zone list.
Figure 3. The New Internet Zone Rule dialog box
5.
In the Security Level list, select one of the following:

  • Disallowed, which does not allow the software to run, regardless of the access rights of the user who is logged on to the computer

  • Unrestricted, which allows software to run with the full rights of the user who is logged on to the computer
Other  
  •  Windows Server 2003 : Troubleshooting Software Deployed with Group Policy - Software Deployment Troubleshooting Scenarios
    •
  •  Windows Server 2003 : Maintaining Software Deployed with Group Policy (part 2) - Removing Applications Deployed with Group Policy
    •
  •  Windows Server 2003 : Maintaining Software Deployed with Group Policy (part 1) - Upgrading Applications Deployed with Group Policy
  •  Windows 7 : Using WDS for Multicast Deployments (part 2) - Creating a Multicast Deployment
    •
  •  Windows 7 : Using WDS for Multicast Deployments (part 1) - How WDS Multicast Works
    •
  •  Windows 7 : Tweaking Your WDS Server - Manage Domain Membership Using WDS
    •
  •  Windows Server 2003 : Distributing Software with Group Policy (part 3) - Deploying Software with Group Policy
    •
  •  Windows Server 2003 : Distributing Software with Group Policy (part 2) - Setting Windows Installer Package Properties
    •
  •  Windows Server 2003 : Distributing Software with Group Policy (part 1) - Specifying Software Deployment Properties for the GPO
  •  Windows 7 : Tweaking Your WDS Server - Using WDS to Name Machines
    •
     
    Top 10
    Extending LINQ to Objects : Writing a Single Element Operator (part 2) - Building the RandomElement Operator
    Extending LINQ to Objects : Writing a Single Element Operator (part 1) - Building Our Own Last Operator
    3 Tips for Maintaining Your Cell Phone Battery (part 2) - Discharge Smart, Use Smart
    3 Tips for Maintaining Your Cell Phone Battery (part 1) - Charge Smart
    OPEL MERIVA : Making a grand entrance
    FORD MONDEO 2.0 ECOBOOST : Modern Mondeo
    BMW 650i COUPE : Sexy retooling of BMW's 6-series
    BMW 120d; M135i - Finely tuned
    PHP Tutorials : Storing Images in MySQL with PHP (part 2) - Creating the HTML, Inserting the Image into MySQL
    PHP Tutorials : Storing Images in MySQL with PHP (part 1) - Why store binary files in MySQL using PHP?
    REVIEW
    - First look: Apple Watch

    - 3 Tips for Maintaining Your Cell Phone Battery (part 1)

    - 3 Tips for Maintaining Your Cell Phone Battery (part 2)
    VIDEO TUTORIAL
    - How to create your first Swimlane Diagram or Cross-Functional Flowchart Diagram by using Microsoft Visio 2010 (Part 1)

    - How to create your first Swimlane Diagram or Cross-Functional Flowchart Diagram by using Microsoft Visio 2010 (Part 2)

    - How to create your first Swimlane Diagram or Cross-Functional Flowchart Diagram by using Microsoft Visio 2010 (Part 3)
    Popular Tags
    Microsoft Access Microsoft Excel Microsoft OneNote Microsoft PowerPoint Microsoft Project Microsoft Visio Microsoft Word Active Directory Biztalk Exchange Server Microsoft LynC Server Microsoft Dynamic Sharepoint Sql Server Windows Server 2008 Windows Server 2012 Windows 7 Windows 8 Adobe Indesign Adobe Flash Professional Dreamweaver Adobe Illustrator Adobe After Effects Adobe Photoshop Adobe Fireworks Adobe Flash Catalyst Corel Painter X CorelDRAW X5 CorelDraw 10 QuarkXPress 8 windows Phone 7 windows Phone 8 BlackBerry Android Ipad Iphone iOS