0

So, I have an initiative to set up Microsoft Intune on a number (~450) remote computers. Those computers are currently running deep freeze to reduce the damage that people can do to them by installing / running certain things (exe files, batch files, jar files, active X scripts, etc.)

If there some way that I could lock down these computers in such a way that I could have InTune still running / installing things remotely, but removing that ability from the end user (probably via reg entry / powershell script that edits local policy) to install programs / run extensions that concern me without some form of override.

Does anyone have experience with this sort of thing?

Thanks.

A_Elric
  • 155
  • 10
  • 1
    The purpose of Deep Freeze is that changes can be made while the system is running but once the system is rebooted those changes are lost. It is possible to prevent users from installing applications that is handled by a group policy – Ramhound Jun 12 '13 at 14:59
  • Supposedly, as I have secondhand knowledge of this, you can schedule your computers to thaw at like 1am do the installs and re-freeze them. The DeepFreeze server unthaws the clients remotely. – cybernard Jun 13 '13 at 00:09

0 Answers0