Commonly used Windows Group Policy Items
- Enable AD User and Computers management MMC in Windows 7
- "Control Panel -> Programs and Features -> Turn Windows features on or off -> Remote Server Administration Tools -> AD DS and AD LDS Tools"
控制台\程式集\開啟或關閉Windows功能 --> 遠端伺服器管理工具\角色管理工具\AD DS與AD LDS工具 - (Optional) If you cannot find "Remote Server Administration Tools", you may need to download and install.
- Group Policy Management Console 群組原則管理 (gpmc.msc)
- You may need to enable first:
"Control Panel -> Programs and Features -> Turn Windows features on or off -> Remote Server Administration Tools -> Group Policy Management Tools"控制台\程式集\開啟或關閉Windows功能 --> 遠端伺服器管理工具\功能管理工具\群組原則管理工具 - Prevent access to command line
- User Configuration\Administrative Templates\System\Prevent access to the command prompt
使用者設定\原則\系統管理範本\系統\防止存取命提示字元 - Remove Windows Explorer's default context menu
- User Configuration\Administrative Templates\Windows Explorer
使用者設定\原則\系統管理範本\Windows元件\Windows檔案總管 - Stop Control Panel
- User Configuration\Administrative Templates\Control Panel\Prohibit access to the Control Panel
使用者設定\原則\系統管理範本\控制台\禁止存取控制台 - Enable specific items inside control panel
- Must enable Control Panel first
- User Configuration\Administrative Templates\Control Panel\Show only specified Control Panel items
使用者設定\原則\系統管理範本\控制台\只顯示指定的控制台項目 - User Configuration\Administrative Templates\Control Panel\Show only specified Control Panel items
使用者設定\原則\系統管理範本\控制台\只顯示指定的控制台項目 - You need to enter the which item to be allowed to run. Please refer to here or here (Win7)
Reference: TechNet
Comments