If that option is too restrictive, however, you can set NTFS permissions just on the control panel applet (sysdm.cpl)
by creating a GPO with settings at Computer Configuration > Windows Settings > Security Settings > File System. Right click on File System, select Add File, and then browse to c:windowssystem32sysdm.cpl. Set the permissions to deny read access for the desired users, and then make certain that you apply the GPO to the appropriate OU.
Dig deeper on User passwords and network permissions
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.