Posts Tagged ‘Policies’

Offline File Policies

Windows 7 has several Offline File polices that helps systems administrators maintain users productivity when a temporary disruption occurs or when a user is out of the office, however, it is worth noting that among the 28 polices there are some vital ones that gives administrators the control needed to manage this feature appropriately.  In this post I will discuss the policies that allow you to exclude specific file types from being available offline, how often background synchronization occurs in slow-link mode and other important parameters.

Read more…


Be the first to comment - What do you think?  Posted by George - November 9, 2011 at 4:23 am

Categories: Management, Performance, Security   Tags: , , , , , , , , ,

Windows Update Local Group Policies

Although most Windows 7 users go to Control Panel to configure basic Windows Updates settings, it is worth noting that from the Local Group Policy Editor you can further fine tune Windows Updates with additional settings that are not found in the Control Panel.

Read more…

Be the first to comment - What do you think?  Posted by George - July 16, 2011 at 3:24 am

Categories: Management   Tags: , , , , , , ,

AppLocker – Part 1: Application Control Policies

Unlike the Software Restrictions Policies, the AppLocker Application Control Policies are available only in Windows 7 Enterprise and Ultimate editions, and all editions of Windows Server 2008 R2. AppLocker policies build upon the Software Restriction Polices functionality but have additional features which make them far more powerful and useful. One of the main enhancements is the ability to specify which users can run specific applications. Now, rules can be based on file attributes such as, file name, file version, etc. You can create exceptions to rules and assign a rule to a security group or an individual user. The various added features are audit-only mode, policy import and export, rule collection, PowerShell support, custom error messages and a wizard to create multiple rules at once. The Policies are found in the Computer Configuration\Windows Settings\Security Settings\Application Control Policies node.

The first caution worth noting is when you are upgrading computers to Windows 7 with enabled Software Restriction Policies. If you implement AppLocker policies to the upgraded computer, then only the AppLocker rules are enforced. Secondly, AppLocker depends on the Application Identity Service which is set to a Manual startup state by default. Before setting the service to start automatically make sure that the policies are correctly set as incorrect rules may turn your computer unusable.  Finally, keep in mind that when DLL rules are used users may experience a reduction in performance as AppLocker checks DLLs when the application is loading.

Creating Default Rules

Read more…

Be the first to comment - What do you think?  Posted by George - November 27, 2010 at 3:09 am

Categories: Security   Tags: , , , , , , , ,