Tag: Computer Configuration

At least Windows Server 2012, Windows 8 or Windows RT

Disallow standby sleep states (S1-S3) when starting from a Windows to Go workspace

Specifies whether the PC can use standby sleep states (S1-S3) when starting from a Windows To Go workspace. If you enable this setting Windows when started from a Windows To Go workspace can’t use standby states to make the PC sleep. If you disable or don’t configure this setting Windows when started from a Windows To Go workspace can use standby states to make the PC sleep.

At least Windows Server 2012, Windows 8 or Windows RT

Windows To Go Default Startup Options

This policy setting controls whether the PC will boot to Windows To Go if a USB device containing a Windows To Go workspace is connected and controls whether users can make changes using the Windows To Go Startup Options Control Panel item. If you enable this setting booting to Windows To Go when a USB device is connected will be enabled and users will not be able to make changes using the Windows To Go Startup Options Control Panel item. If you disable this setting booting to Windows To Go when a USB device is connected will not be enabled unless a user configures the option manually in the BIOS or other boot order configuration. If you do not configure this setting users who are members of the Administrators group can make changes using the Windows To Go Startup Options Control Panel item.

At least Windows Vista

Selectively allow the evaluation of a symbolic link

Symbolic links can introduce vulnerabilities in certain applications. To mitigate this issue you can selectively enable or disable the evaluation of these types of symbolic links:Local Link to a Local TargetLocal Link to a Remote TargetRemote Link to Remote TargetRemote Link to Local TargetFor further information please refer to the Windows Help sectionNOTE: If this policy is Disabled or Not Configured local administrators may select the types of symbolic links to be evaluated.

At least Windows Server 2012, Windows 8 or Windows RT

Allow or Disallow use of encryption to protect the RPC protocol messages between File Share Shadow Copy Provider running on application server and File Share Shadow Copy Agent running on the file servers.

Determines whether the RPC protocol messagese used by VSS for SMB2 File Shares feature is enabled. VSS for SMB2 File Shares feature enables VSS aware backup applications to perform application consistent backup and restore of VSS aware applications storing data on SMB2 File Shares. By default the RPC protocol message between File Server VSS provider and File Server VSS Agent is signed but not encrypted. Note: To make changes to this setting effective you must restart Volume Shadow Copy (VSS) Service .

At least Windows Server 2012, Windows 8 or Windows RT

Configure maximum age of file server shadow copies

This policy setting configures the maximum age of a file share shadow copy. File share shadow copies that are older than this age will be deleted by the File Share Shadow Copy Agent. Both the exposed shadow copy share and the corresponding volume shadow copy will be deleted. If you enable this policy setting the value specified determines the maximum age of a file share shadow copy. If you disable or do not configure this policy setting file share shadow copies older than 24 hours will be deleted.