Logon Shield Policy Group
The Logon Shield policy group specifies Logon Shield options for Microsoft Windows agents. You can modify policy parameter values using either the Logon Shield configuration view or the Setting Properties dialog.
Windows Vista only: If enabled, some Windows policy security options are controlled by Logon Shield. They are set by Logon Shield in the scope of installing, activating, or uninstalling the Logon Shield.
Note: If you prefer controlling these security options using Windows group policies, disable this policy. Otherwise, both configuration systems would interfere with each other and cause unpredictable results.
Default: Enabled
Indicates whether pressing CTRL+ALT+DEL is required before a user can log on. If this policy is enabled, a user is required to press CTRL+ALT+DEL before logging on to Windows. For use with Logon Shield, it is highly recommended that this policy be disabled.
Default: Disabled
Determines whether a user can use fast user switching. When this policy is enabled, it is not possible to switch users without logging off. For use with Logon Shield, it is highly recommended that this policy be enabled.
Default: Enabled
Specifies a period of time after which the system will be unblocked. This policy defines the maximum time in minutes for which logon will be prevented, thereby avoiding permanent blocking of a system.
Default: 120, <locally managed>
Determines the log-on condition under which software delivery jobs are executed and the installation status of the Logon Shield. Valid modes of operation are as follows:
Indicates that the Logon Shield provider and -filter COM modules are unregistered on Windows Vista. On earlier versions of Windows, the sxpgina.dll is uninstalled.
Indicates that Logon Shield is not activated when a software delivery job executes.
Forces the user to log off when a software delivery job is waiting to be executed. The Logon Shield is activated during job execution.
As a condition of a previously defined software delivery job, forces the user to log off when the job is waiting to be executed.
Indicates that software delivery jobs are only executed when a user is logged off. However, the user is not asked to log off when a software delivery job is pending. The Logon Shield is active during job execution.
Indicates that pending software delivery jobs are only executed when a user is logged on.
Default: Logon Shield not installed, <locally managed>
Determines whether a computer can be shut down without having to log on to Windows. When this policy is disabled, users must be able to log on to the computer successfully and have the "Shut down the system" user right before they can perform a system shutdown. For use with Logon Shield, it is highly recommended that this policy be disabled.
Default: Disabled
|
Copyright © 2013 CA.
All rights reserved.
|
|