Matthew, You should be able to find the configuration options you need in the Group Policy editor (gpedit.msc). User Configuration - Admin Templates - Win Components - Internet Explorer Hope this helps. ----- Original Message ----- From: "Shaw, Matthew" <Matt.Shaw@xxxxxxxxx> To: <thin@xxxxxxxxxxxxx> Sent: Thursday, January 30, 2003 2:09 PM Subject: [THIN] Restricting application/plugin installs in IE5 > Hey folks, > > I've been given the task of administering a Windows NT4 TSE/Metaframe > 1.8 installation with 8 servers, 2 of which are configured for publishing > IE5 (seamless). The previous owner did not secure the environment at all and > I've been working to improve on the security without impacting the > functionality for the users too much. I'm at somewhat of a disadvantage > because I'm coming from the UNIX world primarily and am a little flaky with > NT4 stuff. > > One of my oustanding problems is that of users installing applications > and/or plugins via Internet Explorer. For instance, user goes to > www.yahoo.com <http://www.yahoo.com> and installs the Yahoo bar or email > plugin. I know that I can partially lock this down with file permissions, > but there are always directories that must remain writable for the user. For > instance, they have installed this stuff in their profile on the server or > in the temp directory. I'm wondering if there's anyway to completely lock > out the functionality of a user being able to install an application and/or > plugin? Does anybody have any pointers to info that would specifically deal > with the inherent security problems with publishing IE (seamless or > desktop)? > > I appreciate any help and I apologize in advance if this is a newbie > question. Please flame in private (to my email address, not the list) if you > must. > > Thanks, > > Matt > matt.shaw@xxxxxxxxx <mailto:matt.shaw@xxxxxxxxx> > > > > -------------------------------------------------------------------------- -- > > This communication (including all attachments) is intended solely for the > use of the person or persons to whom it is addressed and should be treated > as a confidential xwave communication. If you are not the intended > recipient, any use, distribution, printing, or copying of this email is > strictly prohibited. If you received this email in error, please > immediately delete it from your system and notify the originator. Your > cooperation is appreciated. > > > *************************************************************************** > This Week's Sponsor: New Wyse(R) Expedian(TM)software maximizes your server capacity--cost-effectively. Now you can dramatically increase the number of users on a server by as much as 40%--and reduce the number of servers you have to manage. By optimizing memory usage, Wyse Expedian software allows the terminal server to support more applications and more concurrentusers. Download your 30-day free trial today at: > http://www.wyse.com/expedian/eval.cfm?promo=US-Ad-0103TheThinNetNewsletterEM > **************************************************************************** > > > For Archives, to Unsubscribe, Subscribe or > set Digest or Vacation mode use the below link: > http://thethin.net/citrixlist.cfm *************************************************************************** This Week's Sponsor: New Wyse(R) Expedian(TM)software maximizes your server capacity--cost-effectively. Now you can dramatically increase the number of users on a server by as much as 40%--and reduce the number of servers you have to manage. By optimizing memory usage, Wyse Expedian software allows the terminal server to support more applications and more concurrentusers. Download your 30-day free trial today at: http://www.wyse.com/expedian/eval.cfm?promo=US-Ad-0103TheThinNetNewsletterEM **************************************************************************** For Archives, to Unsubscribe, Subscribe or set Digest or Vacation mode use the below link: http://thethin.net/citrixlist.cfm