Category: Windows Server 2003 and Windows XP only
Remove user name from Start Menu
This policy setting allows you to remove the user name label from the Start Menu in Windows XP and Windows Server 2003. If you enable this policy setting the user name label is removed from the Start Menu in Windows XP and Windows Server 2003. To remove the user name folder on Windows Vista set the “Remove user folder link from Start Menu” policy setting. If you disable or do not configure this policy setting the user name label appears on the Start Menu in Windows XP and Windows Server 2003.
Remove Search link from Start Menu
This policy setting allows you to remove the Search link from the Start menu and disables some File Explorer search elements. Note that this does not remove the search box from the new style Start menu. If you enable this policy setting the Search item is removed from the Start menu and from the context menu that appears when you right-click the Start menu. Also the system does not respond when users press the Application key (the key with the Windows logo)+ F. Note: Enabling this policy setting also prevents the user from using the F3 key. In File Explorer the Search item still appears on the Standard buttons toolbar but the system does not respond when the user presses Ctrl+F. Also Search does not appear in the context menu when you right-click an icon representing a drive or a folder. This policy setting affects the specified user interface elements only. It does not affect Internet Explorer and does not prevent the user from using other methods to search. If you disable or do not configure this policy setting the Search link is available from the Start menu.
Remove Balloon Tips on Start Menu items
Hides pop-up text on the Start menu and in the notification area. When you hold the cursor over an item on the Start menu or in the notification area the system displays pop-up text providing additional information about the object. If you enable this setting some of this pop-up text is not displayed. The pop-up text affected by this setting includes “Click here to begin” on the Start button “Where have all my programs gone” on the Start menu and “Where have my icons gone” in the notification area. If you disable this setting or do not configure it all pop-up text is displayed on the Start menu and in the notification area.
Prohibit use of Internet Connection Firewall on your DNS domain network
Prohibits use of Internet Connection Firewall on your DNS domain network. Determines whether users can enable the Internet Connection Firewall feature on a connection and if the Internet Connection Firewall service can run on a computer. Important: This setting is location aware. It only applies when a computer is connected to the same DNS domain network it was connected to when the setting was refreshed on that computer. If a computer is connected to a DNS domain network other than the one it was connected to when the setting was refreshed this setting does not apply. The Internet Connection Firewall is a stateful packet filter for home and small office users to protect them from Internet network security threats. If you enable this setting Internet Connection Firewall cannot be enabled or configured by users (including administrators) and the Internet Connection Firewall service cannot run on the computer. The option to enable the Internet Connection Firewall through the Advanced tab is removed. In addition the Internet Connection Firewall is not enabled for remote access connections created through the Make New Connection Wizard. The Network Setup Wizard is disabled. Note: If you enable the “Windows Firewall: Protect all network connections” policy setting the “Prohibit use of Internet Connection Firewall on your DNS domain network” policy setting has no effect on computers that are running Windows Firewall which replaces Internet Connection Firewall when you install Windows XP Service Pack 2. If you disable this setting or do not configure it the Internet Connection Firewall is disabled when a LAN Connection or VPN connection is created but users can use the Advanced tab in the connection properties to enable it. The Internet Connection Firewall is enabled by default on the connection for which Internet Connection Sharing is enabled. In addition remote access connections created through the Make New Connection Wizard have the Internet Connection Firewall enabled.
Enable Windows 2000 Network Connections settings for Administrators
Determines whether settings that existed in Windows 2000 Server family will apply to Administrators. The set of Network Connections group settings that existed in Windows 2000 Professional also exists in Windows XP Professional. In Windows 2000 Professional all of these settings had the ability to prohibit the use of certain features from Administrators. By default Network Connections group settings in Windows XP Professional do not have the ability to prohibit the use of features from Administrators. If you enable this setting the Windows XP settings that existed in Windows 2000 Professional will have the ability to prohibit Administrators from using certain features. These settings are “Ability to rename LAN connections or remote access connections available to all users” “Prohibit access to properties of components of a LAN connection” “Prohibit access to properties of components of a remote access connection” “Ability to access TCP/IP advanced configuration” “Prohibit access to the Advanced Settings Item on the Advanced Menu” “Prohibit adding and removing components for a LAN or remote access connection” “Prohibit access to properties of a LAN connection” “Prohibit Enabling/Disabling components of a LAN connection” “Ability to change properties of an all user remote access connection” “Prohibit changing properties of a private remote access connection” “Prohibit deletion of remote access connections” “Ability to delete all user remote access connections” “Prohibit connecting and disconnecting a remote access connection” “Ability to Enable/Disable a LAN connection” “Prohibit access to the New Connection Wizard” “Prohibit renaming private remote access connections” “Prohibit access to the Remote Access Preferences item on the Advanced menu” “Prohibit viewing of status for an active connection”. When this setting is enabled settings that exist in both Windows 2000 Professional and Windows XP Professional behave the same for administrators. If you disable this setting or do not configure it Windows XP settings that existed in Windows 2000 will not apply to administrators. Note: This setting is intended to be used in a situation in which the Group Policy object that these settings are being applied to contains both Windows 2000 Professional and Windows XP Professional computers and identical Network Connections policy behavior is required between all Windows 2000 Professional and Windows XP Professional computers.
Always use local ADM files for Group Policy Object Editor
This policy setting lets you always use local ADM files for the Group Policy snap-in. By default when you edit a Group Policy Object (GPO) using the Group Policy Object Editor snap-in the ADM files are loaded from that GPO into the Group Policy Object Editor snap-in. This allows you to use the same version of the ADM files that were used to create the GPO while editing this GPO. This leads to the following behavior:- If you originally created the GPO with for example an English system the GPO contains English ADM files. – If you later edit the GPO from a different-language system you get the English ADM files as they were in the GPO. You can change this behavior by using this setting. If you enable this setting the Group Policy Object Editor snap-in always uses local ADM files in your %windir% -> inf directory when editing GPOs. This leads to the following behavior:- If you had originally created the GPO with an English system and then you edit the GPO with a Japanese system the Group Policy Object Editor snap-in uses the local Japanese ADM files and you see the text in Japanese under Administrative Templates. If you disable or do not configure this setting the Group Policy Object Editor snap-in always loads all ADM files from the actual GPO. Note: If the ADMs that you require are not all available locally in your %windir% -> inf directory you might not be able to see all the settings that have been configured in the GPO that you are editing.
Report operating system errors
This policy setting controls whether errors in the operating system are included Windows Error Reporting is enabled. If you enable this policy setting Windows Error Reporting includes operating system errors. If you disable this policy setting operating system errors are not included in error reports. If you do not configure this policy setting users can change this setting in Control Panel. By default Windows Error Reporting settings in Control Panel are set to upload operating system errors. See also the Configure Error Reporting policy setting.
List of applications to always report errors for
This policy setting specifies applications for which Windows Error Reporting should always report errors. To create a list of applications for which Windows Error Reporting never reports errors click Show under the Exclude errors for applications on this list setting and then add or remove applications from the list of application file names in the Show Contents dialog box (example: notepad. exe). Errors that are generated by applications in this list are not reported even if the Default Application Reporting Settings policy setting is configured to report all application errors. If you enable this policy setting you can create a list of applications that are always included in error reporting. To add applications to the list click Show under the Report errors for applications on this list setting and edit the list of application file names in the Show Contents dialog box. The file names must include the . exe file name extension (for example notepad. exe). Errors that are generated by applications on this list are always reported even if the Default dropdown in the Default application reporting policy setting is set to report no application errors. If the Report all errors in Microsoft applications or Report all errors in Windows components check boxes in the Default Application Reporting policy setting are filled Windows Error Reporting reports errors as if all applications in these categories were added to the list in this policy setting. (Note: The Microsoft applications category includes the Windows components category. )If you disable this policy setting or do not configure it the Default application reporting settings policy setting takes precedence. Also see the “”Default Application Reporting”” and “”Application Exclusion List”” policies. This setting will be ignored if the ‘Configure Error Reporting’ setting is disabled or not configured.
List of applications to never report errors for
This policy setting controls Windows Error Reporting behavior for errors in general applications when Windows Error Reporting is turned on. If you enable this policy setting you can create a list of applications that are never included in error reports. To create a list of applications for which Windows Error Reporting never reports errors click Show under the Exclude errors for applications on this list setting and then add or remove applications from the list of application file names in the Show Contents dialog box (example: notepad. exe). File names must always include the . exe file name extension. Errors that are generated by applications in this list are not reported even if the Default Application Reporting Settings policy setting is configured to report all application errors. If this policy setting is enabled the Exclude errors for applications on this list setting takes precedence. If an application is listed both in the List of applications to always report errors for policy setting and in the exclusion list in this policy setting the application is excluded from error reporting. You can also use the exclusion list in this policy setting to exclude specific Microsoft applications or parts of Windows if the check boxes for these categories are filled in the Default application reporting settings policy setting. If you disable or do not configure this policy setting the Default application reporting settings policy setting takes precedence.
Default application reporting settings
This policy setting controls whether errors in general applications are included in reports when Windows Error Reporting is enabled. If you enable this policy setting you can instruct Windows Error Reporting in the Default pull-down menu to report either all application errors (the default setting) or no application errors. If the Report all errors in Microsoft applications check box is filled all errors in Microsoft applications are reported regardless of the setting in the Default pull-down menu. When the Report all errors in Windows check box is filled all errors in Windows applications are reported regardless of the setting in the Default dropdown list. The Windows applications category is a subset of Microsoft applications. If you disable or do not configure this policy setting users can enable or disable Windows Error Reporting in Control Panel. The default setting in Control Panel is Upload all applications. This policy setting is ignored if the Configure Error Reporting policy setting is disabled or not configured. For related information see the Configure Error Reporting and Report Operating System Errors policy settings.