Category: At least Windows Vista

This policy setting controls whether or not software can simulate the Secure Attention Sequence (SAS). If you enable this policy setting you have one of four options:If you set this policy setting to “None” user mode software cannot simulate the SAS. If you set this policy setting to “Services” services can simulate the SAS. If you set this policy setting to “Ease of Access applications” Ease of Access applications can simulate the SAS. If you set this policy setting to “Services and Ease of Access applications” both services and Ease of Access applications can simulate the SAS. If you disable or do not configure this setting only Ease of Access applications running on the secure desktop can simulate the SAS.

This policy controls whether the logged on user should be notified if the logon server could not be contacted during logon and he has been logged on using previously stored account information. If enabled a notification popup will be displayed to the user when the user logs on with cached credentials. If disabled or not configured no popup will be displayed to the user.

This policy setting specifies whether Windows will allow console applications and GUI applications without visible top-level windows to block or cancel shutdown. By default such applications are automatically terminated if they attempt to cancel shutdown or block it indefinitely. If you enable this setting console applications or GUI applications without visible top-level windows that block or cancel shutdown will not be automatically terminated during shutdown. If you disable or do not configure this setting these applications will be automatically terminated during shutdown helping to ensure that Windows can shut down faster and more smoothly.

This policy setting controls the legacy remote shutdown interface (named pipe). The named pipe remote shutdown interface is needed in order to shutdown this system from a remote Windows XP or Windows Server 2003 system. If you enable this policy setting the system does not create the named pipe remote shutdown interface. If you disable or do not configure this policy setting the system creates the named pipe remote shutdown interface.

This policy setting configures the number of minutes the system waits for the hung logon sessions before proceeding with the system shutdown. If you enable this policy setting the system waits for the hung logon sessions for the number of minutes specified. If you disable or do not configure this policy setting the default timeout value is 3 minutes for workstations and 15 minutes for servers.

This policy setting controls whether or not the system displays information about previous logons and logon failures to the user. For local user accounts and domain user accounts in domains of at least a Windows Server 2008 functional level if you enable this setting a message appears after the user logs on that displays the date and time of the last successful logon by that user the date and time of the last unsuccessful logon attempted with that user name and the number of unsuccessful logons since the last successful logon by that user. This message must be acknowledged by the user before the user is presented with the Microsoft Windows desktop. For domain user accounts in Windows Server 2003 Windows 2000 native or Windows 2000 mixed functional level domains if you enable this setting a warning message will appear that Windows could not retrieve the information and the user will not be able to log on. Therefore you should not enable this policy setting if the domain is not at the Windows Server 2008 domain functional level. If you disable or do not configure this setting messages about the previous logon or logon failures are not displayed.