Software Restriction Policy Settings
Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2
Software Restriction Policies
This security setting allows you create or change a software restriction policy.
Location
GPO_name\Computer Configuration\Windows Settings\Security Settings\Software Restriction Policies\
Default Values
| Server Type or GPO | Default Value |
|---|---|
Default Domain Policy |
Not defined |
Default Domain Controller Policy |
Not defined |
Stand-Alone Server Default Settings |
Not defined |
DC Effective Default Settings |
Not defined |
Member Server Effective Default Settings |
Not defined |
Discussion
When you create a software restriction policy, you can prohibit users from running administratively specified software on their computers. More restrictively, you can prevent the use of all except administratively specified software on their computers. Optionally, local administrators can be exempted from software restriction policy.
You can exempt software from restriction if the software publisher is trusted by the group that you specify: End users, local computer administrators, or Enterprise administrators.
You can create rules to override the default security level. These rules can be based on certificates, hashes, Internet zones, and paths.
You can create at most one wireless network policy per Group Policy object (GPO).
The wireless network policies security setting does not appear in the local GPO.