Tag: Computer Configuration
Prevent the wizard from running
By default Add features to Windows 8. 1 is available for all administrators. If you enable this policy setting the wizard will not run. If you disable this policy setting or set it to Not Configured the wizard will run.
Allow only system backup
This policy setting allows you to manage whether backups of only system volumes is allowed or both OS and data volumes can be backed up. If you enable this policy setting machine administrator/backup operator can backup only volumes hosting OS components and no data only volumes can be backed up. If you disable or do not configure this policy setting backups can include both system or data volumes.
Enable Windows NTP Server
This policy setting allows you to specify whether the Windows NTP Server is enabled. If you enable this policy setting for the Windows NTP Server your computer can service NTP requests from other computers. If you disable or do not configure this policy setting your computer cannot service NTP requests from other computers.
Prohibit connection to non-domain networks when connected to domain authenticated network
This policy setting prevents computers from connecting to both a domain based network and a non-domain based network at the same time. If this policy setting is enabled the computer responds to automatic and manual network connection attempts based on the following circumstances: Automatic connection attempts – When the computer is already connected to a domain based network all automatic connection attempts to non-domain networks are blocked. – When the computer is already connected to a non-domain based network automatic connection attempts to domain based networks are blocked. Manual connection attempts – When the computer is already connected to either a non-domain based network or a domain based network over media other than Ethernet and a user attempts to create a manual connection to an additional network in violation of this policy setting the existing network connection is disconnected and the manual connection is allowed. – When the computer is already connected to either a non-domain based network or a domain based network over Ethernet and a user attempts to create a manual connection to an additional network in violation of this policy setting the existing Ethernet connection is maintained and the manual connection attempt is blocked. If this policy setting is not configured or is disabled computers are allowed to connect simultaneously to both domain and non-domain networks.
Minimize the number of simultaneous connections to the Internet or a Windows Domain
This policy setting prevents computers from establishing multiple simultaneous connections to either the Internet or to a Windows domain. By default when this policy setting value is Not Configured it is enabled. If this policy setting is enabled when the computer has at least one active connection to the Internet a new automatic connection attempt to the Internet is blocked. When the computer has at least one active connection to a Windows domain a new automatic connection to the same Windows domain is also blocked. Additional manual connection attempts by users to the Internet or to a Windows domain are not blocked by this policy setting. In circumstances where there are multiple simultaneous connections to either the Internet or to a Windows domain Windows disconnects the less preferred connection when the amount of network traffic over the less preferred connection drops below a certain threshold. For example when a computer is connected to Internet using a Wi-Fi connection and the user plugs in to an Ethernet network network traffic is routed through the faster Ethernet connection and the Wi-Fi traffic diminishes. Windows detects this circumstance and responds by disconnecting the Wi-Fi connection. If this policy setting is disabled multiple simultaneous connections to the Internet to a Windows domain or to both are allowed. If this policy setting value is Not Configured the default policy setting is enabled. This is different than enabling the policy setting with Group Policy however – when the policy setting is Not Configured the policy setting is configurable on the local computer. When the policy setting is applied with Group Policy it is not configurable locally. With the policy setting value of Not Configured new automatic connection attempts are not made and less preferred connections are disconnected.
Prohibit connection to roaming Mobile Broadband networks
This policy setting prevents clients from connecting to Mobile Broadband networks when the client is registered on a roaming provider network. If this policy setting is enabled all automatic and manual connection attempts to roaming provider networks are blocked until the client registers with the home provider network. If this policy setting is not configured or is disabled clients are allowed to connect to roaming provider Mobile Broadband networks.
Disable power management in connected standby mode
This policy setting specifies that power management is disabled when the machine enters connected standby mode. If this policy setting is enabled Windows Connection Manager does not manage adapter radios to reduce power consumption when the machine enters connected standby mode. If this policy setting is not configured or is disabled power management is enabled when the machine enters connected standby mode.
Diagnostics: Configure scenario retention
This policy setting determines the data retention limit for Diagnostic Policy Service (DPS) scenario data. If you enable this policy setting you must enter the maximum size of scenario data that should be retained in megabytes. Detailed troubleshooting data related to scenarios will be retained until this limit is reached. If you disable or do not configure this policy setting the DPS deletes scenario data once it exceeds 128 megabytes in size. No reboots or service restarts are required for this policy setting to take effect: changes take effect immediately. This policy setting will only take effect when the Diagnostic Policy Service is in the running state. When the service is stopped or disabled diagnostic scenario data will not be deleted. The DPS can be configured with the Services snap-in to the Microsoft Management Console.
Diagnostics: Configure scenario execution level
This policy setting determines the execution level for Diagnostic Policy Service (DPS) scenarios. If you enable this policy setting you must select an execution level from the drop-down menu. If you select problem detection and troubleshooting only the DPS will detect problems and attempt to determine their root causes. These root causes will be logged to the event log when detected but no corrective action will be taken. If you select detection troubleshooting and resolution the DPS will attempt to automatically fix problems it detects or indicate to the user that assisted resolution is available. If you disable this policy setting Windows cannot detect troubleshoot or resolve any problems that are handled by the DPS. If you do not configure this policy setting the DPS enables all scenarios for resolution by default unless you configure separate scenario-specific policy settings. This policy setting takes precedence over any scenario-specific policy settings when it is enabled or disabled. Scenario-specific policy settings only take effect if this policy setting is not configured. No reboots or service restarts are required for this policy setting to take effect: changes take effect immediately.
Enforce drive encryption type on removable data drives
This policy setting allows you to configure the encryption type used by BitLocker Drive Encryption. This policy setting is applied when you turn on BitLocker. Changing the encryption type has no effect if the drive is already encrypted or if encryption is in progress. Choose full encryption to require that the entire drive be encrypted when BitLocker is turned on. Choose used space only encryption to require that only the portion of the drive used to store data is encrypted when BitLocker is turned on. If you enable this policy setting the encryption type that BitLocker will use to encrypt drives is defined by this policy and the encryption type option will not be presented in the BitLocker setup wizard. If you disable or do not configure this policy setting the BitLocker setup wizard will ask the user to select the encryption type before turning on BitLocker.