Accessing claims-enabled file shares on Windows 8
A new policy setting on Windows 8 and Windows Server 2012 is intended to support clients running a version of Windows prior to Windows 8 that are trying to access a file share that requires user claims. This policy setting may be needed where there are local file access policies that include user claims.
Categories: Uncategorized Tags: access, claims, claims-enabled, file share, gpedit, gpedit.msc, Kerberos, S4U2Self
Windows 8 computer inactivity policy
A new policy setting on Windows 8 allows you to lock down your workstation after a period of inactivity. Although, you could lock down a user session based on idle time in previous Windows systems, this setting as a policy is only found on Windows 8 and Windows Servers 2012 systems.
Categories: Windows 8 Tags: gpedit, gpedit.msc, Local Group Policy, lock
Windows 8 machine account lockout policy
The machine account lockout threshold setting is a new security policy found only on Windows 8 and Windows Server 2012 machines. This new security setting determines the number of failed logon attempts by users before locking down the machine. A locked out machine can only be recovered by providing the BitLocker recovery key at the console. A BitLocker recovery key is a special key that you can create when you turn on BitLocker Drive Encryption for the first time on each drive that you encrypt.
Categories: Security, Windows 8 Tags: BitLocker, gpedit, gpedit.msc, Group Policy, Local Group Policy
Block Microsoft accounts on Windows 8
A new policy setting on Windows 8 and Windows Server 2012 allows you to disable users from adding new Microsoft accounts on your computer.
Categories: Security, Windows 8 Tags: account, block, gpedit, gpedit.msc, Group Policy, Microsoft account
Force Enhanced Protected Mode in Internet Explorer 10
The Group Policy ‘Turn on Enhanced Protected Mode’ for Microsoft’s Internet Explorer 10 allows you to enforce additional protection against malicious websites by using 64-bit processes on 64-bit versions of Windows. In addition, IE 10 on Windows 8 also limits the locations Internet Explorer can read from in the registry and the file system when Enhanced Protected Mode is enabled.
Categories: Security Tags: gpedit, gpedit.msc, Group Policy, IE 10, Internet Explorer, Protected Mode, Vista
Removing the last logged on user name from successive Windows logon screens
For compliance or security reasons you may wish to remove from the logon screen the name of the last user who successfully logged on to a computer. You can achieve this by applying a Group Policy called Interactive logon: Do not display last user name.
Categories: Security Tags: gpedit, gpedit.msc, Group Policy, login, logon, user name
Adding a login message in Windows 7
In Windows 7 similar to previous versions of Windows, you can display a message comprising a title and some text for users attempting to log on to their computers. The message will appear before the interactive login screen. This may be used for legal reasons, for example, to warn users about the ramifications of misusing company information or to warn them that their actions may be audited.
Categories: Security Tags: gpedit, gpedit.msc, Group Policy, interactive login, login, message, user attempt to log in
