PolicyPak for Adobe Acrobat

Acrobat Reader is on every desktop in your company. Too bad it has 800+ settings for you to deal with. Let’s say you only needed to deal with some key settings to make your company more secure.

Ask yourself, how would you manage things like:

  • Update behavior (turning it off, so users aren’t prompted)
  • Turn off dangerous items like Javascript
  • Ensure Acrobat “Enhanced Security” is turned on

… or anything else that’s important to your company?

Okay. You’re right. You’re thinking that you’ve been able to deliver Acrobat Reader settings to clients with Acrobat’s helpful “Customization Wizard X” utility.

In fact, here are the steps you would need to perform:

  • First extract the AdbeRdr1001_en_US.exethe parameters -nos_o”<file_path>” -nos_ne
  • Download Adobe Customization Wizard X, use it, and create your ownMST(Microsoft Transform)file.
  • Then, on each system, either run start /wait c:windowssystem32msiexec.exe /i “AcroRead.msi” TRANSFORMS=AcroRead.mst /qn /L* c:windowstempAdobeReader_10_US.log or use Group Policy Software Installation (or your favorite software distribution tool) to deliver the MSI and MST combo to all your systems.

Great.You’ve got a customized version of Acrobat on all your machines with all the settings you want.

Super! Now what do you do after Acrobat has been deployed and your users change your pre-configured settings? Or, you realized you need to change some important default?

Answer: Without PolicyPak, you’re in trouble. Big trouble.Watch this video to get a handle on the problem and where PolicyPak puts the smack down on this important problem.

Click here for Video Transcript

Yep, we’ve seen “ADM templates” out there for Acrobat Reader.

But there’s a big problem with those. They can deliver the setting you want, but don’t enforce it.

If the user changes a setting, that’s it – the user has worked around your desired setting, and now you’ve got a help desk call to deal with, or, worse, a virus that got delivered using Adobe Acrobat when the user turned back on Javascript support.

Don’t be that guy !

Our solution isn’t a mere “ADM” template, it’s a true Group Policy extension, with powerful management and lockdown capabilities. PolicyPak can deliver, lockdown and revoke Acrobat settings – the way you need to using Group Policy.

Our PolicyPak software snaps-in to the Group Policy Editor and mimics the user interface of the Acrobat Reader application itself. You can set key settings (like turning off Acrobat Reader updates), like what is seen here:

You can ensure that Adobe’s Javascript support is truly disabled, which makes your whole company more secure, like what is seen here.

Or ensure your users are forced to use the “big guns” with “Enable Enhanced Security” and ensure users can’t work around it.


Without PolicyPak, you’re on the losing side, because users are going to simply steamroll over you.

Besides, once you’re using PolicyPak to manage Acrobat Reader, you’ll also get to manage all your other enterprise desktop applications the same way:Java, WinZip, Firefox, and any custom applications you have. They’re 100% included – absolutely free.

It’s all included when you’re a PolicyPak Professional customer.

PolicyPak was designed by Group Policy MVP Jeremy Moskowitz – who “wrote the book” on Group Policy, runs GPanswers.com, and lives and breathes Group Policy and enterprise software deployments and desktop lockdown.

When you’re ready to get serious about managing Acrobat Reader today, PolicyPak is ready for you. Unless you want your users to see this.


Or this: