TechSapphire Monday, 2024-12-09, 4:45 PM
Site menu
Login form
News
Play Games
  • Deep Freeze
  • Ice Slide
  • Gyroball
  • Fat Fish
  • Bush Royal Rampage
  • Desktop and Explorer

    1. Disable the Ability to Right Click on the Desktop (All Windows)

    This tweak removes the context menu that would normally appear when the user right clicks on the desktop or in the Explorer right results pane.

    Create a new DWORD value, or modify the existing value called 'NoViewContextMenu' using the settings below.

    Settings:
    User Key: [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
    System Key: [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
    Name: NoViewContextMenu
    Type: REG_DWORD (DWORD Value)
    Value: (0 = disabled, 1 = enabled)

    2. Enable Advanced File System and Sharing Security (Windows XP Professional)

    This setting is used to enable the ability to control advanced NTFS permissions on local and shared files.

    Create a new DWORD value, or modify the existing value called 'ForceGuest' using the settings below.

    Note: This tweak is only available for Windows XP Professional Edition, due to restrictions users of the XP Home Edition are not able to access NFTS permissions through the GUI.

    Settings:
    System Key: [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
    Name: ForceGuest
    Type: REG_DWORD (DWORD Value)
    Value: (1 = default, 0 = advanced permissions)

    3. Restrict the Screen Saver (Windows 2000/XP)

    This restriction can be used to specify the screen saver or to stop screen savers from running. Also, the Screen Saver settings page is disabled, so users cannot change the screen saver options.

    Create a new DWORD value called "ScreenSaveActive" and set it to "0" to disable all screen savers.

    Alternatively create a new string value called "SCRNSAVE.EXE" and set it to the executable name of a valid Windows screen saver file, including the .scr extension. This will only be used if "ScreenSaveActive" is set to "1" or deleted from the registry.

    Settings:
    User Key: [HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Control Panel\Desktop]
    Name: ScreenSaveActive, SCRNSAVE.EXE
    Type: REG_DWORD (DWORD Value)
    Value: (0 = disable screen savers, 1 = default)

    4. Screen Saver Password Protection Policy (Windows 2000/XP)

    This restriction determines whether the screen saver is password protected and prevents users from changing the password-protection setting.

    Create a new DWORD valued called "ScreenSaverIsSecure" and set it to a value from the table below.

  • (Not in registry) - Users can turn password-protection on and off.
  • 0 - Screen savers are not password-protected.
  • 1 - All screen savers are password-protected.

  • Settings:
    User Key: [HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Control Panel\Desktop]
    Name: ScreenSaverIsSecure
    Type: REG_DWORD (DWORD Value)

    5. Specify the Background Image and Wallpaper Style (Windows 2000/Me/XP)

    These settings allow you to specify the background wallpaper and display style. When this setting is defined users can not choose an alternative background image.


    To specify the wallpaper create a new string value called "Wallpaper" and set it to the full path and filename of the image.

    Additionally, to specify the display style, create a new string value called "WallpaperStyle" and set it to either "0", "1" or "2" according to the list below.

    • 0 - Centered (Default)
    • 1 - Tiled
    • 2 - Stretched
    Settings:
    User Key: [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    Name: Wallpaper, WallpaperStyle
    Type: REG_SZ (String Value)

    6. Enforce Shell Extension Security (All Windows)

    This restriction can be used to limit the system to only run files that have an approved shell extension.

    Create or modify the DWORD value called "EnforceShellExtensionSecurity" and set it to "1" to enable the restriction or "0" to disable it.

    The approved shell extenstions are defined under the [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved] key.

    Settings:
    User Key: [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
    System Key: [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
    Name: EnforceShellExtensionSecurity
    Type: REG_DWORD (DWORD Value)
    Value: (0 = default, 1 = enable security)

    7. Secure Desktop Restriction (Windows 2000/XP)

    This restriction is used to stop interactive users from snooping on other user sessions by exploiting a Windows vulnerability. This feature is enabled by default but may interfere with some software applications.

    Create a new DWORD value, or modify the existing value called 'SecureDesktop' using the settings below.

    Note: This fix was first included in Windows 2000 Service Pack 1.

    Settings:
    System Key: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    Name: SecureDesktop
    Type: REG_DWORD (DWORD Value)
    Value: (0 = insecure, 1 = secure)

    8. Remove the Distributed File System Tab (Windows 2000/XP)

    This restriction removes the Distributed File System (DFS) tab from Windows explorer. This prevents users from viewing or changing the properties of local DFS shares.

    Create a new DWORD value, or modify the existing value called 'NoDFSTab' using the settings below.

    Settings:
    User Key: [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
    Name: NoDFSTab
    Type: REG_DWORD (DWORD Value)
    Value: (0 = default, 1 = enable restriction)

    9. Remove the Security Tab (Windows XP)

    This restriction removes the Security tab from Windows explorer which prevents users from accessing or changing the security permissions of folder and file objects.

    Create a new DWORD value, or modify the existing value called 'NoSecurityTab' using the settings below.

    Settings:
    User Key: [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
    Name: NoSecurityTab
    Type: REG_DWORD (DWORD Value)
    Value: (0 = default, 1 = enable restriction)

    10. Remove the Hardware Tab (Windows 2000/XP)

    This restriction removes the hardware tab from applicable items in the Control Panel and from the local drive properties. This prevents users from changing the hardware device properties.

    Create a new DWORD value, or modify the existing value called 'NoHardwareTab' using the settings below.

    Settings:
    User Key: [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
    Name: NoHardwareTab
    Type: REG_DWORD (DWORD Value)
    Value: (0 = default, 1 = enable restriction)

    11. Disable the New Menu Item (All Windows)

    This tweak can be used to disable the ability to use the New menu item to create new objects using explorer.

    Rename the key by placing a dash "-" in front of the GUID (i.e. {-D969A300-E7FF-11d0-A93B-00A0C90F2719}).

    Settings:
    System Key: [HKEY_CLASSES_ROOT\CLSID\{D969A300-E7FF-11d0-A93B-00A0C90F2719}]

    12. Disable the Ability to Customize Toolbars (All Windows)

    By right clicking on a toolbar you are usually given the option to Customize, which allows you to change which functions are available from the toolbar. This tweak allows you to disable that function.

    Create a new DWORD value named "NoToolbarCustomize" and set the value to "1" to disable the ability to customize the toolbars.

    Settings:
    User Key: [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
    System Key: [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
    Name: NoToolbarCustomize
    Type: REG_DWORD (DWORD Value)
    Value: (1 = enable restriction)


    13. Remove the Option to Change or Hide Toolbars (All Windows)

    By default users are able to select which toolbars are displayed either be right clicking the toolbar itself, or by changing the options from the View menu. This tweak locks the toolbars, removing the ability to change which are displayed.

    Create a new value named "NoBandCustomize" and set it to equal "1" to enable the restriction.

    Settings:
    User Key: [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
    System Key: [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
    Name: NoBandCustomize
    Type: REG_DWORD (DWORD Value)
    Value: (1 = enable restriction)


    Categories
    Programming [27]
    Tips for programming
    Security [2]
    Security Tips
    Google [1]
    Use google faster then ever you use
    Project [14]
    HTML [2]
    Electronics [0]
    Data Structure [0]
    Database [16]
    SQL SERVER
    SSRS [1]
    Sql Server Reporting Services
    Copyright MyCorp © 2024