Tag: Computer Configuration
Prevent clients from querying the index remotely
If enabled clients will be unable to query this computer’s index remotely. Thus when they are browsing network shares that are stored on this computer they will not search them using the index. If disabled client search requests will use this computer’s index. Default is disabled.
Disable indexer backoff
If enabled the search indexer backoff feature will be disabled. Indexing will continue at full speed even when system activity is high. If disabled backoff logic will be used to throttle back indexing activity when system activity is high. Default is disabled.
Allow indexing of encrypted files
This policy setting allows encrypted items to be indexed. If you enable this policy setting indexing will attempt to decrypt and index the content (access restrictions will still apply). If you disable this policy setting the search service components (including non-Microsoft components) are expected not to index encrypted items or encrypted stores. This policy setting is not configured by default. If you do not configure this policy setting the local setting configured through Control Panel will be used. By default the Control Panel setting is set to not index encrypted content. When this setting is enabled or disabled the index is rebuilt completely. Full volume encryption (such as BitLocker Drive Encryption or a non-Microsoft solution) must be used for the location of the index to maintain security for encrypted files.
Prevent adding UNC locations to index from Control Panel
Enabling this policy prevents users from adding UNC locations to the index from the Search and Indexing Options in Control Panel. Any UNC locations that have already been added to the index by the user will not be removed. When this policy is disabled or not configured users will be able to add UNC locations to the index. This policy has no effect if the Files on Microsoft Networks add-in is not installed. Disabled by default.
Troubleshooting: Allow users to access and run Troubleshooting Wizards
This policy setting allows users to access and run the troubleshooting tools that are available in the Troubleshooting Control Panel and to run the troubleshooting wizard to troubleshoot problems on their computers. If you enable or do not configure this policy setting users can access and run the troubleshooting tools from the Troubleshooting Control Panel. If you disable this policy setting users cannot access or run the troubleshooting tools from the Control Panel. Note that this setting also controls a user’s ability to launch standalone troubleshooting packs such as those found in . diagcab files.
Configure Security Policy for Scripted Diagnostics
This policy setting determines whether scripted diagnostics will execute diagnostic packages that are signed by untrusted publishers. If you enable this policy setting the scripted diagnostics execution engine validates the signer of any diagnostic package and runs only those signed by trusted publishers. If you disable or do not configure this policy setting the scripted diagnostics execution engine runs all digitally signed packages.
Allow logon scripts when NetBIOS or WINS is disabled
This policy setting allows user logon scripts to run when the logon cross-forest DNS suffixes are not configured and NetBIOS or WINS is disabled. This policy setting affects all user accounts interactively logging on to the computer. If you enable this policy setting user logon scripts run if NetBIOS or WINS is disabled during cross-forest logons without the DNS suffixes being configured. If you disable or do not configure this policy setting user account cross-forest interactive logging cannot run logon scripts if NetBIOS or WINS is disabled and the DNS suffixes are not configured.
Display instructions in startup scripts as they run
This policy setting displays the instructions in startup scripts as they run. Startup scripts are batch files of instructions that run before the user is invited to log on. By default the system does not display the instructions in the startup script. If you enable this policy setting the system displays each instruction in the startup script as it runs. Instructions appear in a command window. This policy setting is designed for advanced users. If you disable or do not configure this policy setting the instructions are suppressed. Note: Starting with Windows Vista operating system scripts that are configured to run asynchronously are no longer visible on startup whether this policy setting is enabled or not.
Run startup scripts asynchronously
This policy setting lets the system run startup scripts simultaneously. Startup scripts are batch files that run before the user is invited to log on. By default the system waits for each startup script to complete before it runs the next startup script. If you enable this policy setting the system does not coordinate the running of startup scripts. As a result startup scripts can run simultaneously. If you disable or do not configure this policy setting a startup cannot run until the previous script is complete. Note: Starting with Windows Vista operating system scripts that are configured to run asynchronously are no longer visible on startup whether the “”Run startup scripts visible”” policy setting is enabled or not.
Display instructions in shutdown scripts as they run
This policy setting displays the instructions in shutdown scripts as they run. Shutdown scripts are batch files of instructions that run when the user restarts the system or shuts it down. By default the system does not display the instructions in the shutdown script. If you enable this policy setting the system displays each instruction in the shutdown script as it runs. The instructions appear in a command window. If you disable or do not configure this policy setting the instructions are suppressed.