Tag: Computer Configuration
Do not send additional data
This policy setting controls whether additional data in support of error reports can be sent to Microsoft automatically. If you enable this policy setting any additional data requests from Microsoft in response to a Windows Error Reporting report are automatically declined without notification to the user. If you disable or do not configure this policy setting then consent policy settings in Computer Configuration/Administrative Templates/Windows Components/Windows Error Reporting/Consent take precedence.
Do not allow Windows to activate Enhanced Storage devices
This policy setting configures whether or not Windows will activate an Enhanced Storage device. If you enable this policy setting Windows will not activate unactivated Enhanced Storage devices. If you disable or do not configure this policy setting Windows will activate unactivated Enhanced Storage devices.
Do not allow password authentication of Enhanced Storage devices
This policy setting configures whether or not a password can be used to unlock an Enhanced Storage device. If you enable this policy setting a password cannot be used to unlock an Enhanced Storage device. If you disable or do not configure this policy setting a password can be used to unlock an Enhanced Storage device.
Do not allow non-Enhanced Storage removable devices
This policy setting configures whether or not non-Enhanced Storage removable devices are allowed on your computer. If you enable this policy setting non-Enhanced Storage removable devices are not allowed on your computer. If you disable or do not configure this policy setting non-Enhanced Storage removable devices are allowed on your computer.
Lock Enhanced Storage when the computer is locked
This policy setting locks Enhanced Storage devices when the computer is locked. This policy setting is supported in Windows Server SKUs only. If you enable this policy setting the Enhanced Storage device remains locked when the computer is locked. If you disable or do not configure this policy setting the Enhanced Storage device state is not changed when the computer is locked.
Allow only USB root hub connected Enhanced Storage devices
This policy setting configures whether or not only USB root hub connected Enhanced Storage devices are allowed. Allowing only root hub connected Enhanced Storage devices minimizes the risk of an unauthorized USB device reading data on an Enhanced Storage device. If you enable this policy setting only USB root hub connected Enhanced Storage devices are allowed. If you disable or do not configure this policy setting USB Enhanced Storage devices connected to both USB root hubs and non-root hubs will be allowed.
Do not automatically encrypt files moved to encrypted folders
This policy setting prevents File Explorer from encrypting files that are moved to an encrypted folder. If you enable this policy setting File Explorer will not automatically encrypt files that are moved to an encrypted folder. If you disable or do not configure this policy setting File Explorer automatically encrypts files that are moved to an encrypted folder. This setting applies only to files moved within a volume. When files are moved to other volumes or if you create a new file in an encrypted folder File Explorer encrypts those files automatically.
Disable help tips
Disables help tips that Windows shows to the user. By default Windows will show the user help tips until the user has successfully completed the scenarios. If this setting is enabled Windows will not show any help tips to the user.
Boot-Start Driver Initialization Policy
This policy setting allows you to specify which boot-start drivers are initialized based on a classification determined by an Early Launch Antimalware boot-start driver. The Early Launch Antimalware boot-start driver can return the following classifications for each boot-start driver:- Good: The driver has been signed and has not been tampered with. – Bad: The driver has been identified as malware. It is recommended that you do not allow known bad drivers to be initialized. – Bad but required for boot: The driver has been identified as malware but the computer cannot successfully boot without loading this driver. – Unknown: This driver has not been attested to by your malware detection application and has not been classified by the Early Launch Antimalware boot-start driver. If you enable this policy setting you will be able to choose which boot-start drivers to initialize the next time the computer is started. If you disable or do not configure this policy setting the boot start drivers determined to be Good Unknown or Bad but Boot Critical are initialized and the initialization of drivers determined to be Bad is skipped. If your malware detection application does not include an Early Launch Antimalware boot-start driver or if your Early Launch Antimalware boot-start driver has been disabled this setting has no effect and all boot-start drivers are initialized.
Specify a default color
This policy setting controls the default color for window frames when the user does not specify a color. If you enable this policy setting and specify a default color this color is used in glass window frames if the user does not specify a color. If you disable or do not configure this policy setting the default internal color is used if the user does not specify a color. Note: This policy setting can be used in conjunction with the “Prevent color changes of window frames” setting to enforce a specific color for window frames that cannot be changed by users.