work problems

Discussion in 'Computer Security' started by moominboy, Oct 26, 2005.

  1. moominboy

    moominboy Gigabyte Poster

    pretty sure this is the right place to ask this one.

    at work, one of the computers has started giving out the error "operation cancelled due to restrictions in place.... contact system administrator".

    this only happens when i right click on ie and try to enter properties,(as far as i know.)

    i've been googling for a while and the only thing that comes close is people having the same error but on internet options which i can access fine.

    having read nearly all the things i could i've tried to follow all the answers there.

    first there wasn't any anti-spyware installed which apparently locks some parts of ie to protect it.

    and none of the others have this problem so i doubt it's the AV software.
    i've now downloaded spybot s&d to try it out but it'll be a while.

    i've also upgraded the admin account to be a part of every group's policy.

    any other suggestions folks while im d/loading?
     
    Certifications: ECDL
    WIP: A+
  2. ffreeloader

    ffreeloader Terabyte Poster

    What do you mean by this?

    Also, are you running AD at work?
     
    Certifications: MCSE, MCDBA, CCNA, A+
    WIP: LPIC 1
  3. d-Faktor
    Honorary Member

    d-Faktor R.I.P - gone but never forgotten.

    that's the default message for a simple gpo lockout. so i would start to look there, not on the workstation.
     
  4. moominboy

    moominboy Gigabyte Poster

    sorry, i meant the admin account was part of administrators and users, now it has power users, replicators etc, because i thought it might be that.

    i would go and look myself but these pc's are really slow and take a fair while to load, sorry guys, but i'm running around doing stuff downstairs so, AD and gpo?

    can't really look anywhere else but the workstation d as the server is under contractor's warranty! :x

    EDIT: ad= active domain? no, it's a workgroup setup mate. :tongue
     
    Certifications: ECDL
    WIP: A+
  5. Rostros22

    Rostros22 Kilobyte Poster

    AD - Active Directory
    GPO - Group Policy Object

    Do you have policies set for users?
     
    Certifications: ITIL Certs, F.A.S.T Auditor Certs
    WIP: None - Application with Police
  6. moominboy

    moominboy Gigabyte Poster

    yes but the admin account i was using had user and admin rights to it initially and then all group rights afterwards. still no joy though.

    don't really want to change user policies as they're all squaddies and cheeky gits at changing things!

    ok folks, just finished scanning with spybot which found nothing but even though i installed it on admin account, which you can't do on users, it now brings up the same error as before for removing it!
     
    Certifications: ECDL
    WIP: A+
  7. Rostros22

    Rostros22 Kilobyte Poster

    The same error message for removing the spybot software as you got for trying to access the IE properties?
     
    Certifications: ITIL Certs, F.A.S.T Auditor Certs
    WIP: None - Application with Police
  8. moominboy

    moominboy Gigabyte Poster

    yes indeedy which is strange. like i said, users can't install anything or uninstall for that matter.

    so why is my account allowed to install then not uninstall?

    i might just wait till i get home to google some more on gpo and the like.

    can't really do much with this one tab at a time crap on a slow connection!
     
    Certifications: ECDL
    WIP: A+
  9. ffreeloader

    ffreeloader Terabyte Poster

    You say the network is just a workgroup, but you have user policies set? I'm confused. Are you, or are you not running Active Directory? As d-Faktor said, what you are getting is a standard message given when an action is denied by group policy. That's why I asked about AD because you can only set group policy objects (gpo's) in AD.

    If your servers are set up and controlled by a contractor, how do you know that you are or aren't running AD? Do you administer the servers? Now, I'm not trying to insult you, just trying to understand what you're saying because you are giving out conflicting information.
     
    Certifications: MCSE, MCDBA, CCNA, A+
    WIP: LPIC 1
  10. Rostros22

    Rostros22 Kilobyte Poster


    Check your server's AD settings and if you can't you need to check on another machine with the same account to see if the same problem occurs. When policies are in place this account will be denied access on all machines not just one.
     
    Certifications: ITIL Certs, F.A.S.T Auditor Certs
    WIP: None - Application with Police
  11. Clyde

    Clyde Megabyte Poster

    ffreeloader - could be a local policy, rather than a group policy...
     
    Certifications: A+, Network+, Security+, MCSA, MCSE
    WIP: MCITP
  12. moominboy

    moominboy Gigabyte Poster

    ah! i see your point freddy! no insult taken.
    i had asked the i.t bloke here what it was the last time i asked about a work issue here, and he told me it was a workgroup so on that note....no, i'm not sure which it is now.

    for group policies i assumed that meant the restrictions on each user group per workstation, as this is the only pc that displays the error i thought i'd made the right assumption! (makes an ass-u-me?:tongue)

    i'll wait till i get home and google properly on the subjects involved.

    thanks for your time and patience guys! :tongue
     
    Certifications: ECDL
    WIP: A+
  13. ffreeloader

    ffreeloader Terabyte Poster

    OK. Then you just need to go look at the local security policies on that machine. Most likely someone has set this up to deny user access to Internet Options outside of the Control Panel, or to maybe completely deny user access to the internet options.
     
    Certifications: MCSE, MCDBA, CCNA, A+
    WIP: LPIC 1
  14. moominboy

    moominboy Gigabyte Poster

    i better understand what you were all talking about earlier folks, but im really going to have to find out exactly what is running in my work as im sure the guy i'm working with isn't too hot on it either, i think he just inherited it from someone a few months ago!

    just a quick Q, does AD come installed with win server 2003?
    or is it a separate add-on?

    is there any way i can check out AD settings and such like from a workstation admin account?

    not sure if we have any access to the proper admin side of things but i'll endeavour to find out on friday!
     
    Certifications: ECDL
    WIP: A+
  15. ffreeloader

    ffreeloader Terabyte Poster

    You can make any Windows 2000 or 2003 server an Active Directory domain controller. Running dcpromo, a built-in command, does it. If you don't have the correct tools installed you can't check on AD settings from a workstation. You also need to have Domain Administrator rights to access a Domain Controller.

    When you log onto your computers do you log directly onto the computer itself, or does it log you onto a domain? That will tell you right there if you are part of a domain or not. If you don't log onto a domain, and you'll see if you do or not every time you log onto a workstation, then you are most definitely in a workgroup, not a domain. That says the one machine that is giving you the error when attempting to access Internet Options through right clicking on the IE icon can't be affected by a domain gpo.

    To see if someone has played with the local security policies on that machine you'll have to log in as the administrator on that machine and check out the local security policies through the admin tools in the Control Panel. There will either be one that will be named Local Security Policies, or it will be a part of the Computer Management mmc. It's been so long since I worked on a standalone machine I can't remember which. It sticks in my head that it's a standalone mmc module though.
     
    Certifications: MCSE, MCDBA, CCNA, A+
    WIP: LPIC 1
  16. moominboy

    moominboy Gigabyte Poster

    ok freddy, cheers for the help too, everybody!. i'll have a good look at the whole shebang on friday and come back to you on it.
     
    Certifications: ECDL
    WIP: A+
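
The two checks ffreeloader describes in post 15 (domain or workgroup, then what policy is set on the machine itself), as an added PowerShell example that is not part of the original thread. It assumes PowerShell 3.0 or later and reads the four standard policy registry roots; it only reads, nothing is changed.

```powershell
# Added example: read-only triage for "operation cancelled due to restrictions".
# Run it in the affected user's session, because HKCU is per-user.

$cs = Get-CimInstance -ClassName Win32_ComputerSystem
if ($cs.PartOfDomain) {
    "Joined to domain '$($cs.Domain)': domain GPOs can apply to this machine."
} else {
    # For a non-domain machine, Domain holds the workgroup name.
    "Workgroup '$($cs.Domain)': only local policy can apply to this machine."
}

# The four standard registry roots where policy settings are stored.
$policyRoots = @(
    'HKLM:\SOFTWARE\Policies',
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies',
    'HKCU:\Software\Policies',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Policies'
)

$found = foreach ($root in $policyRoots) {
    if (-not (Test-Path -Path $root)) { continue }
    # Include the root key itself plus every subkey beneath it.
    $keys = @(Get-Item -Path $root) +
            @(Get-ChildItem -Path $root -Recurse -ErrorAction SilentlyContinue)
    foreach ($key in $keys) {
        foreach ($name in $key.GetValueNames()) {
            [pscustomobject]@{
                Key   = $key.Name
                Value = $name
                Data  = $key.GetValue($name)
            }
        }
    }
}

if ($found) {
    # Each row is one policy setting currently in force for this machine or user.
    $found | Sort-Object Key, Value | Format-Table -AutoSize -Wrap
} else {
    'No policy values set under the standard policy keys.'
}
```

Comparing the output with that of a workstation that does not show the error narrows the restriction down to the values present only on the affected machine.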
