Click here to get back home

How to Add 'MyFile.exe' to the 'Run only allowed Windows applications', using a Script / Registry / WMI / API or whatever ?
 HomeNewsGroups | Search | About
Login Password
Register Now!
 microsoft.public.windows.server.security    Post an article   get this group's latest topics as an RSS feed add this group's latest topics to your My MSN content add this group's latest topics to your My Yahoo content
Subject Author Date
How to Add 'MyFile.exe' to the 'Run only allowed Windows applications', using a Script / Registry / WMI / API or whatever ? Auto 07-16-2007
Posted by Auto on July 16, 2007, 3:24 am
Please log in for more thread options
 Hello,

I have defined 2 groups policy in Windows Server 2003 SP2, and i would like
to add ''MyFile.exe' to the 'Run only allowed Windows applications',
using a Script / Registry / WMI / API or whatever ?

How can i do that ?

Thanks.



Posted by jwgoerlich on July 16, 2007, 7:18 am
Please log in for more thread options
 Since you are already using group policies, simply add the application
to the policy.

User Configuration > Administrative Templates > System

Run only allowed Windows applications
(o) Enabled
Click [Show] next to List of allowed applications
Add ''MyFile.exe"

Regards,

J Wolfgang Goerlich


> Hello,
>
> I have defined 2 groups policy in Windows Server 2003 SP2, and i would like
> to add ''MyFile.exe' to the 'Run only allowed Windows applications',
> using a Script / Registry / WMI / API or whatever ?
>
> How can i do that ?
>
> Thanks.



Posted by Auto on July 16, 2007, 8:01 am
Please log in for more thread options

> Since you are already using group policies, simply add the application
> to the policy.
>
> User Configuration > Administrative Templates > System
>
> Run only allowed Windows applications
> (o) Enabled
> Click [Show] next to List of allowed applications
> Add ''MyFile.exe"

I can't do that directly.
This have to be done by my software upgrade package, that will run on the
server by the customer.
I don't have a remote connection to the server.



Posted by jwgoerlich on July 16, 2007, 1:27 pm
Please log in for more thread options
I would be surprised if there was a way to automatically add your
application to the list. That would have definite security
implications because malware authors could then do the same. Someone
may come along and post a solution, of course (that's the great thing
about these groups.)

Why not provide this information to the customer in an admin guide?

J Wolfgang Goerlich

> I can't do that directly.
> This have to be done by my software upgrade package, that will run on the
> server by the customer.
> I don't have a remote connection to the server.



Similar ThreadsPosted
Applications to Protect Against and Inspect Registry Changes? December 11, 2006, 3:36 pm
Second Try: Any Anti Virus Applications That Do Not Require Install to Registry? July 4, 2008, 6:56 pm
Web applications cannot connect to SQL Server on new Windows 2003 R2 machine June 28, 2008, 4:16 pm
Hardening Windows Registry August 2, 2006, 10:31 pm
MSS tcp registry values in windows 2003 server security guide August 20, 2006, 7:23 am
Blocking applications March 27, 2007, 9:16 pm
Password Breaking Applications December 22, 2005, 3:02 am
Secrity applications that run on USB flash drive April 29, 2006, 11:06 am
Specify Allowed Times for users to log on April 10, 2008, 11:17 pm
do allowed perrmisions override denyed permissions? April 29, 2007, 6:32 pm

Our other projects:

Art Dolls, Fairies and Mermaids - Sunnyfaces.net

Roy's Linux, Programming and Search Engines messages

1-Script XML SitemapXML Sitemap