Category: At least Windows Vista

This policy setting determines the data retention limit for Diagnostic Policy Service (DPS) scenario data. If you enable this policy setting you must enter the maximum size of scenario data that should be retained in megabytes. Detailed troubleshooting data related to scenarios will be retained until this limit is reached. If you disable or do not configure this policy setting the DPS deletes scenario data once it exceeds 128 megabytes in size. No reboots or service restarts are required for this policy setting to take effect: changes take effect immediately. This policy setting will only take effect when the Diagnostic Policy Service is in the running state. When the service is stopped or disabled diagnostic scenario data will not be deleted. The DPS can be configured with the Services snap-in to the Microsoft Management Console.

This policy setting determines the execution level for Diagnostic Policy Service (DPS) scenarios. If you enable this policy setting you must select an execution level from the drop-down menu. If you select problem detection and troubleshooting only the DPS will detect problems and attempt to determine their root causes. These root causes will be logged to the event log when detected but no corrective action will be taken. If you select detection troubleshooting and resolution the DPS will attempt to automatically fix problems it detects or indicate to the user that assisted resolution is available. If you disable this policy setting Windows cannot detect troubleshoot or resolve any problems that are handled by the DPS. If you do not configure this policy setting the DPS enables all scenarios for resolution by default unless you configure separate scenario-specific policy settings. This policy setting takes precedence over any scenario-specific policy settings when it is enabled or disabled. Scenario-specific policy settings only take effect if this policy setting is not configured. No reboots or service restarts are required for this policy setting to take effect: changes take effect immediately.

This policy setting allows you to specify the default path that is displayed when the BitLocker Drive Encryption setup wizard prompts the user to enter the location of a folder in which to save the recovery password. This policy setting is applied when you turn on BitLocker. If you enable this policy setting you can specify the path that will be used as the default folder location when the user chooses the option to save the recovery password in a folder. You can specify either a fully qualified path or include the target computer’s environment variables in the path. If the path is not valid the BitLocker setup wizard will display the computer’s top-level folder view. If you disable or do not configure this policy setting the BitLocker setup wizard will display the computer’s top-level folder view when the user chooses the option to save the recovery password in a folder. Note: This policy setting does not prevent the user from saving the recovery password in another folder.

This policy setting controls computer restart performance at the risk of exposing BitLocker secrets. This policy setting is applied when you turn on BitLocker. BitLocker secrets include key material used to encrypt data. This policy setting applies only when BitLocker protection is enabled. If you enable this policy setting memory will not be overwritten when the computer restarts. Preventing memory overwrite may improve restart performance but will increase the risk of exposing BitLocker secrets. If you disable or do not configure this policy setting BitLocker secrets are removed from memory when the computer restarts.

This policy setting controls whether Windows forcefully unloads the user’s registry at logoff even if there are open handles to the per-user registry keys. Note: This policy setting should only be used for cases where you may be running into application compatibility issues due to this specific Windows behavior. It is not recommended to enable this policy by default as it may prevent users from getting an updated version of their roaming user profile. If you enable this policy setting Windows will not forcefully unload the users registry at logoff but will unload the registry when all open handles to the per-user registry keys are closed. If you disable or do not configure this policy setting Windows will always unload the users registry at logoff even if there are any open handles to the per-user registry keys at user logoff.

This policy setting controls how long Windows waits for a response from the network before logging on a user without a remote home directory and withou synchronizing roaming user profiles. This policy setting is useful for the cases in which a network might take typically longer to initialize such as with a wireless network. Note: Windows doesn’t wait for the network if the physical network connection is not available on the computer (if the media is disconnected or the network adapter is not available). If you enable this policy setting Windows waits for the network to become available up to the maximum wait time specified in this policy setting. Setting the value to zero causes Windows to proceed without waiting for the network. If you disable or do not configure this policy setting Windows waits for the network for a maximum of 30 seconds.

This policy setting specifies whether Windows should use the specified network path as the roaming user profile path for all users logging onto this computer. To use this policy setting type the path to the network share in the form -> -> Computername -> Sharename -> . It is recommended to use a path such as -> -> Computername -> Sharename -> %USERNAME% to give each user an individual profile folder. If not specified all users logging onto this computer will use the same roaming profile folder as specified by this policy. You need to ensure that you have set the appropriate security on the folder to allow all users to access the profile. If you enable this policy setting all users logging on this computer will use the roaming profile path specified in this policy. If you disable or do not configure this policy setting users logging on this computer will use their local profile or standard roaming user profile. Note: There are four ways to configure a roaming profile for a user. Windows reads profile configuration in the following order and uses the first configured policy setting it reads. 1. Terminal Services roaming profile path specified by Terminal Services policy2. Terminal Services roaming profile path specified by the user object3. A per-computer roaming profile path specified in this policy4. A per-user roaming profile path specified in the user object

This policy setting allows an administrator to automatically delete user profiles on system restart that have not been used within a specified number of days. Note: One day is interpreted as 24 hours after a specific user profile was accessed. If you enable this policy setting the User Profile Service will automatically delete on the next system restart all user profiles on the computer that have not been used within the specified number of days. If you disable or do not configure this policy setting User Profile Service will not automatically delete any profiles on the next system restart.