I have a software restriction policy that prevents users from running a proxy client application that some users have downloaded. I have configured it correctly as a Path Rule but the users are renaming the file and getting around the policy. Is there another way?
Yes there is. Instead of a Path Rule you can create a Hash rule. A hash rule takes a fingerprint of the application executable which means that no matter how many times the name of the file is changed; the rule restriction is still enforced. Jeremy discusses software restrictions in Chapter 8 got iin his book.
The GPanswers.com forum is closed now (thanks, spammers!)
But we encourage you to join us at LinkedIn in the “GPO Stuff” group.
Jeremy is regular there, and there is a reasonable system to prevent junk posts.
In all, we think it’s the right place to go for Group Policy-specific questions.
It’s a private group, but just JOIN it, and the owner should approve your request.
See you there !
-Jeremy Moskowitz, Group Policy MVP