Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.

Windows 7: Software Restriction Policies is wrongly applied to Administrator

20 Jan 2013   #1

Windows 7 Ultimate x64
Software Restriction Policies is wrongly applied to Administrator

I have Windows 7 64-bit and have configured Software Restriction Policies so that "Disallowed" is the default security level. I also have Path Rules defined so that software in C:\Program Files, C:\Program Files (x86), and C:\Windows can execute. I also want it to apply to only my limited user account, so it is configured for "All users except local administrators".

But it is still affecting my admin account. When I'm logged in as my admin user and I try to run any executable file in the C:\Users\admin\Downloads directory, I get a popup saying "This program is blocked by group policy."

Any idea why the Software Restrictions Policies are affecting my admin account even though it is set to "All users except local administrators"?

My System SpecsSystem Spec
20 Jan 2013   #2

64-bit Windows 10 Pro

Hello Delerious, and welcome to Seven Forums.

Did you do this through Group Policy?

If so, then double check using the tutorial below to see if this how you setup the separate "All users except local administrators" group policy snap-in to set these policies in.
Local Group Policies - Apply to All Users Except Administrators
You might also look at AppLocker to see if it may work for this as well for you.
AppLocker - Create New Rules
Hope this helps some, :)
My System SpecsSystem Spec
20 Jan 2013   #3

Windows 7 Ultimate x64

Thanks Shawn. I think this is related to UAC. If I run an executable file using "Run as administrator", then it runs fine and doesn't get blocked.
My System SpecsSystem Spec

17 Jul 2014   #4

Win 8 Pro

I know this thread is old, but I found something yesterday that causes this very symptom, and since I couldn't find the answer after Googling for days, I thought I'd post what I found so it might help someone else.

Like delerious above, I configured Software Restriction Policies (under Computer Configuration), and under Enforcement, Apply software restriction policies to the following users, I selected All users except local administrators. I set the Security Levels default to Disallowed, and then built the rest of the policy by creating the Additional Rules (mainly path rules). All this went into a new GPO that was intended to be used only for SRP configuration.

When I tested with user accounts, it worked as expected, but my admin account was also denied access. I hate when my system tells me access denied. <grrr>

I Googled and found others who had this problem (here, superuser, wildersecurity) but no solutions. I somehow stumbled onto another GPO and discovered that it had software restriction policies enabled too. I checked its settings, and found that nothing had been changed from the defaults. It was as if another administrator found the "No Software Restriction Policies Defined" message, so he clicked on New Software Restriction Policies menu item. But then he didn't configure anything.

Which would have been OK, except for the fact that -- and here's an example of yet another retarded Microsoft default -- the Apply software restriction policies to the following users radio button is set to All users by default. I found several other GPOs had been done this way. So guess what? All those GPOs were somehow overriding the one configured correctly.

After deleting all those unintended policies (and I might have rebooted the test machine, probably cussed a lot), it works like a champ.

Note: something else I learned through all this is that rsop.msc is your friend.
My System SpecsSystem Spec

 Software Restriction Policies is wrongly applied to Administrator

Thread Tools

Similar help and support threads
Thread Forum
SRP (Software Restriction Policies) blocking local Administrator
I implemented SRP on a Windows 7 Pro PC that I was logged into as the Local Administrator. In Enforcement I ensured that "All users except local administrators" was selected. I then set the default Security Level to Disallow. At this point I attempted to open Windows Update from the Start menu and...
System Security
The system administrator has set policies
I can not install or uninstall programs it always come up with "The system administrator has set policies to prevent this installation". I am logged in the administator account how can i get around this to uninstall programs?
General Discussion
the system administrator has set policies preventing this installation
Hi i love widows 64 bit home premium. However, i keep getting this error message when trying to install pro tools 8. It installs fine until it gets to the part where it trys to install the hardware driver then i get this message. If i click contiunue the install continues but gives me several...
administrator has set policies to prevent installation
Hello. I am using WIN 7 64bit home premium. Some older games will not run after installation (Battle stations pacific). I have been told that uprading windows and running in xp mode can fix older games not running. I also have a game that will not install, 'Napoleon total war' (uses steam) when I...
Error:Administrator policies to prevent installation
I'm having trouble installing iTunes 9 on my computer. I'm able to open the executable and the installation goes fine, and then there's an error message that reads "The system administrator has set policies to prevent this installation." I've tried changing my security settings, and have even...

Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 02:48.
Twitter Facebook Google+