Export (0) Print
Expand All
2 out of 2 rated this helpful - Rate this topic

Run only allowed Windows applications

User Configuration\Administrative Templates\System

Description

Limits the Windows programs that users have permission to run on the computer.

If you enable this policy, users can only run programs that you add to the List of Allowed Applications in this policy.

Note Image Note

This policy only prevents users from running programs that are started by the Windows Explorer process. It does not prevent users from running programs such as Task Manager, which are started by the system process or by other processes. Also, if users have access to the command prompt, Cmd.exe, this policy does not prevent them from starting programs in the command window that they are not permitted to start by using Windows Explorer.

When both the Run only allowed Windows applications policy and the Don't run specified Windows applications policy are enabled, they are both applied. Users can only run the programs listed in the Run only allowed Windows applications policy. However, if a program in that list is prohibited by the Don't run specified Windows applications policy, it does not run.

Related Policies

Page Image

Don't run specified Windows applications

Did you find this helpful?
(1500 characters remaining)
Thank you for your feedback
Show:
© 2014 Microsoft. All rights reserved.