Forum Discussion
Is it possible to disable search location in file explorer voa intune
Hi all, Is it possible to disable the file search bar which allows users to search for locations ie Appdata via intune?
Now, you can use a script that sets the correct permissions on the folder for the Users group.
With this script I can set it per user however not for all users on the machine and it sets permission for the folder: dlcaglefdlidioooijnigjhfcndlncfp with
$folderPath = "C:\Users\A SPECIFIC USERNAME\appdata\Local\Microsoft\Edge\User Data\Default\Extensions\dlcaglefdlidioooijnigjhfcndlncfp"
# Define the account for which you want to deny permissions
$account = "AzureAD\A SPECIFIC USERNAME"
# Get the current ACL
$acl = Get-Acl -Path $folderPath
# Create a rule to deny deletion and deletion of subfolders
$rule = New-Object System.Security.AccessControl.FileSystemAccessRule($account, "Delete, DeleteSubdirectoriesAndFiles", "Deny")
# Add the rule to the ACL
$acl.AddAccessRule($rule)
# Apply the modified ACL to the folder
Set-Acl -Path $folderPath -AclObject $acl
I also cant get it to set this policy to sub folders as these can still be deleted. Any ideas?
$folderPath = "C:\Users\A SPECIFIC USERNAME\appdata\Local\Microsoft\Edge\User Data\Default\Extensions\dlcaglefdlidioooijnigjhfcndlncfp"
# Define the account for which you want to deny permissions
$account = "AzureAD\A SPECIFIC USERNAME"
# Get the current ACL
$acl = Get-Acl -Path $folderPath
# Create a rule to deny deletion and deletion of subfolders
$rule = New-Object System.Security.AccessControl.FileSystemAccessRule($account, "Delete, DeleteSubdirectoriesAndFiles", "Deny")
# Add the rule to the ACL
$acl.AddAccessRule($rule)
# Apply the modified ACL to the folder
Set-Acl -Path $folderPath -AclObject $acl
I also cant get it to set this policy to sub folders as these can still be deleted. Any ideas?
ABill1 This should do all folders in c:\users:
foreach ($folder in Get-ChildItem -Path c:\users -Directory) { $folderPath = "C:\Users\$($folder.Name)\appdata\Local\Microsoft\Edge\User Data\Default\Extensions\dlcaglefdlidioooijnigjhfcndlncfp" # Define the account for which you want to deny permissions $account = "AzureAD\A SPECIFIC USERNAME" # Get the current ACL $acl = Get-Acl -Path $folderPath # Create a rule to deny deletion and deletion of subfolders $rule = New-Object System.Security.AccessControl.FileSystemAccessRule($account, "Delete, DeleteSubdirectoriesAndFiles", "Deny") # Add the rule to the ACL $acl.AddAccessRule($rule) # Apply the modified ACL to the folder Set-Acl -Path $folderPath -AclObject $acl }(No checks if the folder exists and not tested)
But... Like I asked before, a few comments back... Why do you NEED the plugin for secure internet access, and why can people browse the internet without it?! Could they use another browser, too? You have to setup your firewall so the content blocking is done there... That would be better.