Together this means that to enable the setting to allow users to connect remotely to this computer, the following OMA-URI configuration can be used: Related to ADMX-backed policies, this could translate to a value of. Every element must show as data in the ADMX-backed policy. The additional element for that setting is TS_ENCRYPTION_LEVEL and the available values for that element are 1, 2 and 3. In this case the setting is TS_ENCRYPTION_POLICY. That file contains readable information and shows the name of the setting in the ADMX-file. To find the related setting in that AMDX-file, my advise is to first find the setting in the related AMDL-file. Minor detail, this ADMX-file doesn’t contain readable information related to the required setting. The ADMX-file contains the available elements that are required when the setting is enabled. Note: When a setting contains more configuration options, like the ClientConnectionEncryptionLevel setting, which relates to the Set client connection encryption level setting, then it’s required to dive into the ADMX-file that contains the GPO setting. Related to ADMX-backed policies, this translates to a value of or. That shows that the only available values are Not Configured, Enabled and Disabled. The related GPO setting is named Allow users to connect remotely by using Remote Desktop Services and can be found at Computer Configuration > Policies > Administrative Templates > Windows Components > Remote Desktop Services > Remote Desktop Session Host > Connections. To get the available values for the AllowUsersToConnectRemotely setting, it’s good to double-check the configuration options in the local Group Policy Editor. That’s the setting AllowUsersToConnectRemotely. Now that I’ve been through the available settings related to Remote Desktop, let’s have closer look at the setting that enables the administrator to allow users to connect remotely to this computer. This setting allows the administrator to specify whether a Remote Desktop Session Host server requires secure RPC communication with all clients. This setting allows the administrator to specify whether Remote Desktop Services always prompts the client for a password upon connection. This setting allows the administrator to control whether passwords can be saved on this computer from Remote Desktop Connection. This setting allows the administrator to specify whether to prevent the mapping of client drives in a Remote Desktop Services session (drive redirection). This setting allows the administrator to specify whether to require the use of a specific encryption level. This setting allows the administrator to configure remote access to computers by using Remote Desktop Services. Vendor/MSFT/Policy/Config/ RemoteDesktopServices and contains the following settings. The Remote Desktop related settings are grouped below. The root node for the Remote Desktop related settings is, in the Policy CSP. Available settingsĪs Windows 10, version 1703, introduced a few new settings to manage Remote Desktop, I thought it would be good to briefly go through these new settings. After that I’ll put those two together in a configuration example. I’ll do that by first going through the available settings, related to Remote Desktop, and getting the required values. Now let’s have look at the configuration for enabling the setting to allow users to connect remotely to this computer. When the MDM policy is referenced, this metadata is referenced and determines which registry keys are set or removed. Windows maps the name and category path of a GPO to a MDM policy area, and policy name, by parsing the associated ADMX-file, finding the specified GPO, and storing the metadata in the Policy CSP. Each setting in an administrative template corresponds to a specific registry value. Each administrative template specifies the registry keys, and their values, that are associated with a GPO and defines the policy settings that can be managed. In an ADMX-backed policy, an administrative template contains the metadata of a GPO. Starting with Windows 10, version 1703, the Policy CSP can now also handle ADMX-backed policies. I’ll end this post by showing the end-user experience. In this post I’ll provide a short introduction about ADMX-backed policies, which is actually a short summary of the Microsoft docs, and I’ll show a configuration example. To enable that specific setting, Windows 10, version 1703, introduced ADMX-backed policy via the Policy CSP. This post is focused on enabling the setting to allow users to connect remotely to this computer via Remote Desktop. This week another blog post about new MDM capabilities that are introduced in Windows 10, version 1703.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |