Do not process the run once list
This policy setting ignores customized run-once lists.
You can create a customized list of additional programs and documents that are started automatically the next time the system starts (but not thereafter). These programs are added to the standard list of programs and services that the system starts.
If you enable this policy setting, the system ignores t ...
Deny log on as a service
This security setting determines which service accounts are prevented from registering a process as a service. This policy setting supersedes the Log on as a service policy setting if an account is subject to both policies.Note: This security setting does not apply to the System, Local Service, or Network Service accounts.
When configuring a user right in the SCM enter a ...
Specify intranet Microsoft update service location
This policy setting allows you to specify an intranet server to host updates from the Microsoft Update Web site. You can then use this update service location to automatically update computers on your network. The Automatic Updates client will search this service for updates that apply to the computers on your network.
To use the Specify intranet ...
Allow .rdp files from unknown publishers
This policy setting allows you to specify whether users can run unsigned Remote Desktop Protocol (.rdp) files and .rdp files from unknown publishers on the client computer.
If you enable or do not configure this policy setting, users can run unsigned .rdp files and .rdp files from unknown publishers on the client computer. Before a user starts an RDP se ...
Configure the level of TPM owner authorization information available to the operating system
This policy setting configures how much of the TPM owner authorization information is stored in the registry of the local computer. Depending on the amount of TPM owner authorization information stored locally, the operating system and TPM-based applications can perform certain TPM actions which requir ...
Turn off Windows Mail application
Denies or allows access to the Windows Mail application.
If you enable this setting, access to the Windows Mail application is denied.
If you disable or do not configure this setting, access to the Windows Mail application is allowed.
Control the location of the log file
This policy setting controls the location of the log file. The location of the file must be writable by the Event Log service and should only be accessible to administrators.
If you enable this policy setting, the Event Log uses the path specified in this policy setting.
If you disable or do not configure this policy setting, the Event Log uses the syste ...
No Entire Network in Network Locations
Removes all computers outside of the user's workgroup or local domain from lists of network resources in File Explorer and Network Locations.
If you enable this setting, the system removes the Entire Network option and the icons representing networked computers from Network Locations and from the browser associated with the Map Network Drive option.
Th ...
Prevent access to drives from My Computer
Prevents users from using My Computer to gain access to the content of selected drives.
If you enable this setting, users can browse the directory structure of the selected drives in My Computer or File Explorer, but they cannot open folders and access the contents. Also, they cannot use the Run dialog box or the Map Network Drive dialog box to view th ...