Tag: User Configuration
Exclude directories in roaming profile
This policy setting lets you exclude folders that are normally included in the user’s profile. As a result these folders do not need to be stored by the network server on which the profile resides and do not follow users to other computers. Note: When excluding content from the profile you should try to exclude the narrowest set of data that will address your needs. For example if there is one application with data that should not be roamed then add only that application’s specific folder under the AppData -> Roaming folder rather than all of the AppData -> Roaming folder to the exclusion list. By default the Appdata -> Local and Appdata -> LocalLow folders and all their subfolders such as the History Temp and Temporary Internet Files folders are excluded from the user’s roaming profile. In operating systems earlier than Microsoft Windows Vista only the History Local Settings Temp and Temporary Internet Files folders are excluded from the user’s roaming profile by default. If you enable this policy setting you can exclude additional folders. If you disable this policy setting or do not configure it only the default folders are excluded. Note: You cannot use this policy setting to include the default folders in a roaming user profile.
Turn off the caching of thumbnails in hidden thumbs. db files
Turns off the caching of thumbnails in hidden thumbs. db files. This policy setting allows you to configure File Explorer to cache thumbnails of items residing in network folders in hidden thumbs. db files. If you enable this policy setting File Explorer does not create read from or write to thumbs. db files. If you disable or do not configure this policy setting File Explorer creates reads from and writes to thumbs. db files.
Turn off Tablet PC touch input
Turn off Tablet PC touch inputTurns off touch input which allows the user to interact with their computer using their finger. If you enable this setting the user will not be able to produce input with touch. They will not be able to use touch input or touch gestures such as tap and double tap the touch pointer and other touch-specific features. If you disable this setting the user can produce input with touch by using gestures the touch pointer and other-touch specific features. If you do not configure this setting touch input is on by default. Note: Changes to this setting will not take effect until the user logs off.
Turn off Touch Panning
Turn off Panning Turns off touch panning which allows users pan inside windows by touch. On a compatible PC with a touch digitizer by default users are able to scroll or pan inside a scrolling area by dragging up or down directly on the scrolling content. If you enable this setting the user will not be able to pan windows by touch. If you disable this setting the user can pan windows by touch. If you do not configure this setting Touch Panning is on by default. Note: Changes to this setting will not take effect until the user logs off.
Specify default connection URL
This policy setting specifies the default connection URL for RemoteApp and Desktop Connections. The default connection URL is a specific connection that can only be configured by using Group Policy. In addition to the capabilities that are common to all connections the default connection URL allows document file types to be associated with RemoteApp programs. The default connection URL must be configured in the form of http://contoso. com/rdweb/Feed/webfeed. aspx. If you enable this policy setting the specified URL is configured as the default connection URL for the user and replaces any existing connection URL. The user cannot change the default connection URL. The user’s default logon credentials are used when setting up the default connection URL. If you disable or do not configure this policy setting the user has no default connection URL. Note: RemoteApp programs that are installed through RemoteApp and Desktop Connections from an untrusted server can compromise the security of a user’s account.
Turn off the display of thumbnails and only display icons.
This policy setting allows you to configure how File Explorer displays thumbnail images or icons on the local computer. File Explorer displays thumbnail images by default. If you enable this policy setting File Explorer displays only icons and never displays thumbnail images. If you disable or do not configure this policy setting File Explorer displays only thumbnail images.
Turn off the display of thumbnails and only display icons on network folders
This policy setting allows you to configure how File Explorer displays thumbnail images or icons on network folders. File Explorer displays thumbnail images on network folders by default. If you enable this policy setting File Explorer displays only icons and never displays thumbnail images on network folders. If you disable or do not configure this policy setting File Explorer displays only thumbnail images on network folders.
Specify SHA1 thumbprints of certificates representing trusted .rdp publishers
This policy setting allows you to specify a list of Secure Hash Algorithm 1 (SHA1) certificate thumbprints that represent trusted Remote Desktop Protocol (. rdp) file publishers. If you enable this policy setting any certificate with an SHA1 thumbprint that matches a thumbprint on the list is trusted. If a user tries to start an . rdp file that is signed by a trusted certificate the user does not receive any warning messages when they start the file. To obtain the thumbprint view the certificate details and then click the Thumbprint field. If you disable or do not configure this policy setting no publisher is treated as a trusted . rdp publisher. Note:You can define this policy setting in the Computer Configuration node or in the User Configuration node. If you configure this policy setting for the computer the list of certificate thumbprints trusted for a user is a combination of the list defined for the computer and the list defined for the user. This policy setting overrides the behavior of the “Allow . rdp files from valid publishers and user’s default . rdp settings” policy setting. If the list contains a string that is not a certificate thumbprint it is ignored.
Set time limit for active but idle Remote Desktop Services sessions
This policy setting allows you to specify the maximum amount of time that an active Remote Desktop Services session can be idle (without user input) before it is automatically disconnected. If you enable this policy setting you must select the desired time limit in the Idle session limit list. Remote Desktop Services will automatically disconnect active but idle sessions after the specified amount of time. The user receives a warning two minutes before the session disconnects which allows the user to press a key or move the mouse to keep the session active. If you have a console session idle session time limits do not apply. If you disable or do not configure this policy setting the time limit is not specified at the Group Policy level. By default Remote Desktop Services allows sessions to remain active but idle for an unlimited amount of time. If you want Remote Desktop Services to end instead of disconnect a session when the time limit is reached you can configure the policy setting Computer Configuration -> Administrative Templates -> Windows Components -> Remote Desktop Services -> Remote Desktop Session Host -> Session Time Limits -> End session when time limits are reached. Note: This policy setting appears in both Computer Configuration and User Configuration. If both policy settings are configured the Computer Configuration policy setting takes precedence.
Set time limit for active Remote Desktop Services sessions
This policy setting allows you to specify the maximum amount of time that a Remote Desktop Services session can be active before it is automatically disconnected. If you enable this policy setting you must select the desired time limit in the Active session limit list. Remote Desktop Services will automatically disconnect active sessions after the specified amount of time. The user receives a warning two minutes before the Remote Desktop Services session disconnects which allows the user to save open files and close programs. If you have a console session active session time limits do not apply. If you disable or do not configure this policy setting this policy setting is not specified at the Group Policy level. By default Remote Desktop Services allows sessions to remain active for an unlimited amount of time. If you want Remote Desktop Services to end instead of disconnect a session when the time limit is reached you can configure the policy setting Computer Configuration -> Administrative Templates -> Windows Components -> Remote Desktop Services -> Remote Desktop Session Host -> Session Time Limits -> End session when time limits are reached. Note: This policy setting appears in both Computer Configuration and User Configuration. If both policy settings are configured the Computer Configuration policy setting takes precedence.