# Remove "Properties" option in right-click menu?



## ljzmcm (Apr 28, 2008)

As title reads, trying to find GPO to remove just the "Properties" from right-click shell/menu. Can't seem to find it or know if its even possible. 

Any ideas?

Thanks


----------



## peterh40 (Apr 15, 2007)

If you no want access to the security tab in Properties then try:

http://www.pctools.com/guides/registry/detail/1094
http://maximumpcguides.com/windows-7/remove-the-security-tab-from-windows-explorer/


----------



## ljzmcm (Apr 28, 2008)

Thank you for your effort but not at all what I'm looking for. But, since you seem to find more specific solutions - I'm trying to deny access to modifiy read-only attributes.


----------



## peterh40 (Apr 15, 2007)

Try some of the registry tweaks from here:
http://www.theeldergeek.com/system_properties_access_from_my_computer.htm


----------



## ljzmcm (Apr 28, 2008)

That looks like it would work. Any idea how to make it a GPO and apply it to a user group?

Thanks


----------



## TheOutcaste (Aug 8, 2007)

Why not just remove the *Write Attributes* and *Write Extended Attributes* permissions?
Did a quick test setting that up in the Default Domain Policy, and removed those permissions for Authenticated Users.
Domain Users can't change attributes for files they didn't create, but Domain Admins still can.

See this Technet Article:
Apply or modify permission entries for objects using Group Policy
Probably be a good idea to create a separate GPO, otherwise the permissions will be re-applied every time there is a change in the GPO this setting is a part of, which could affect performance.

Do NOT put a Deny permission on; Deny takes precedence over allow, and Domain Admins are also Authenticated Users, so setting a Deny permission would deny them that permission as well.

One misstep with a Deny permission, and you could block access for everyone.


----------

