Blocking pcAnywhere executables in Windows 2008 Domain Controller GPO

book

Article ID: 180879

calendar_today

Updated On:

Products

Symantec Products

Issue/Introduction

 

Resolution

To block any executables from pcAnywhere in the Windows 2008 Domain Controller, complete the following steps.

Alternatively, this could be done using Applocker. If you want to use Applocker, refer to Microsoft for documentation.

  1. Launch MMC.
  2. In Console 1, click File > Add/Remove Snap-in.
  3. In the Add/Remove Snap-ins window, select Group Policy Management Editor and click Add.
  4. To choose the Group Policy Object, click Browse and select the domain or specific OUs that will enable software restriction. Click OK and Finish.
  5. In the Add/Remove Snap-ins window, click OK.
  6. In Console 1, expand Default Domain Policy [domain name] Policy > Computer Configuration > Policies > Windows Settings > Security Settings > Software Restriction Policies.
  7. Right click on Software Restriction Policies and select New Software Restriction Policies.
  8. Right click on Additional Rules and select New Path Rule.
  9. In the New Path Rule window, type one of the following in the Path field:
    • C:\Program Files (x86)\Symantec\pcAnywhere (64-bit computers)
    • C:\Program Files\Symantec\pcAnywhere (32-bit computers)
  10. Click OK.
  11. Repeat steps 8-10 to create another path. Two paths (one for 64-bit and one for 32-bit) must be created on every computer.

These changes affect users who logout and login again after the above steps are completed. When they attempt to run pcAnywhere, they will receive the following message, “This program is blocked by group policy. For more information, contact your system administrator.”