I decided to implement the autorun.inf inifilemapping using a GPO.
Here is the adm file I made
CLASS MACHINE
CATEGORY !!CustomIniFileMapping
POLICY !!DisableAutorunInf
KEYNAME "SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\Autorun.inf"
EXPLAIN !!DisableAutorunInf_Explain
VALUENAME ""
VALUEON "@SYS:DisableAutoRun"
VALUEOFF DELETE
END POLICY
END CATEGORY
[strings]
CustomIniFileMapping="Custom Ini File Mapping"
DisableAutorunInf="Map autorun.inf"
DisableAutorunInf_Explain="Maps autorun.inf to DisableAutoRun"
Don't forget to go to View and Filtering and turn off "Only show policy settings that can be fully managed" in the group policy object editor or you won't see the policy.
Here is the adm file I made
CLASS MACHINE
CATEGORY !!CustomIniFileMapping
POLICY !!DisableAutorunInf
KEYNAME "SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\Autorun.inf"
EXPLAIN !!DisableAutorunInf_Explain
VALUENAME ""
VALUEON "@SYS:DisableAutoRun"
VALUEOFF DELETE
END POLICY
END CATEGORY
[strings]
CustomIniFileMapping="Custom Ini File Mapping"
DisableAutorunInf="Map autorun.inf"
DisableAutorunInf_Explain="Maps autorun.inf to DisableAutoRun"
Don't forget to go to View and Filtering and turn off "Only show policy settings that can be fully managed" in the group policy object editor or you won't see the policy.
No comments:
Post a Comment