Heres an update on the problem.
I tried using software restriction polices on another computer using windows 7 ultimate.
- I opened Local Group Policy Editor > computer settings > Windows settings > Security settings > software restriction policy.
- Set the Security Levels (default security level) to 'basic user'
- Tested it out by running an executable off my desktop pass
And it didnt block access to the program.
- I then tried to run a program that would require admin rights to run (and was outside the windows folder and program files folder which is set to
unrestricted by default rules)
and that would not run. So the 'Basic User' Setting was working as it should.
- I then rebooted the computer and ran the same tests.
This time all the executables where blocked! So it stopped working correctly
So it seems once group policy refreshes the 'basic user' setting
just reverts to blocking all access!!
Ive checked in applocker and there's no rules set.
edit on 24-8-2012 by PhoenixOD because: (no reason given)