JSI Tip 3394. How can I prevent users from performing a copy/paste or drag-and-drop operation in Windows 2000 Explorer?

To prevent the subject action, you can implement security zone settings for the My Computer zone. Once you implement these restrictions, when a user attempts to copy/paste or drag-and-drop, they will receive:

Security AlertYour current security settings prohibit copying or moving files from this zone.

To implement this policy, load either the Domain, OU, or Local group policy into the MMC. The following example will use the Local Computer Policy:

01. Start / Run / MMC / OK.

02. On the Console menu, press Add/Remove Snap-in.

03. Press Add.

04. In the Add Standalone Snap-ins window, select Group Policy and press Add.

05. In the Group Policy Object, select Local Computer and press Finish.

06. Press Close and OK.

07. Navigate through User Configuration / Windows Settings / Internet Explorer Maintenance / Security.

08. Double-click Security Zones and Content Ratings.

09. Select the Import the current security zones settings radial button and press the Modify Settings button.

10. In the Select a Web content zone to specify its security settings section, select My Computer.

11. Press the Custom Level button.

12. Scroll the Security Settings to Downloads and set Filedownload to Disable.

13. Scroll to Miscellaneous and set Drag and drop or copy and paste files to Disable.

14. Press OK, OK, and OK.

15. Start / Run / secedit /refreshpolicy user_policy /enforce / OK.

NOTE: See tip 2893 How can I create custom MMC Snap-in packages?