Be aware a load of those GPOs are XP/2003 only. Here’s an article documenting my adventures with it (admittedly from a while back) http://www.htguk.com/appsense-desktopnow-and-offline-files/
From: [email protected] [mailto:[email protected]] On Behalf Of Charles F Sullivan Sent: 20 June 2017 19:28 To: [email protected] Subject: RE: [NTSysADM] PCI nightmare - c:\windows\csc files You should looking into this Group Policy setting under Computer Configuration: Administrative Templates > Network > Offline Files > Allow or disallow use of the Offline Files feature There are other settings in there which might also help pass a PCI audit, such as Encrypt the Offline Files Cache. That setting could be used as an alternative in case you would like to keep the feature. From: [email protected]<mailto:[email protected]> [mailto:[email protected]<mailto:[email protected]>] On Behalf Of Richard McClary Sent: Tuesday, June 20, 2017 12:32 PM To: [email protected]<mailto:[email protected]> Subject: [NTSysADM] PCI nightmare - c:\windows\csc files Greetings! Since MS had the annoying habit of enabling off-line caching, I have a PCI nightmare. All our workstations are Window 7 Professional, SP1. A scan by an application called “IdentityFinder” has located 3000+ files among several dozen machines it claims has either social security numbers or credit card information. They are off-line cached files in c:\windows\CSC\... So far, my Google searches seem to indicate I go to each machine (possibly remote desktop), log in, and delete off-line files (Sync Center, etc). This seems to delete my own off-line cached files on that machine (and there are none). I would prefer to do this remotely, also preferably accessing the C: drive on each machine without needing to log in (24x7 operation, and chances are most seats will be occupied). An aggravation is, I do not know where these machines are. They all have a 12-character “name”, and most differ from one another by 1 or 2 characters, which makes things extra fun. Trying to remotely access the C$ volume and taking ownership of the C:\Windows\CSC directory and whacking things has worked in the past (MS says to not do that – presumably because it damages the off-line caching system, which is just fine!), but there have been some machines where this has not worked. So to summarize, is there a way to remotely clean out the c:\windows\CSC folder on a number of remote workstations? Thank you… The information contained in this e-mail, and any attachments hereto, is from The American Society for the Prevention of Cruelty to Animals® (ASPCA®) and is intended only for use by the addressee(s) named herein and may contain privileged and/or confidential information. If you are not the intended recipient(s) of this e-mail, you are hereby notified that any dissemination, distribution, copying or use of the contents of this e-mail, and any attachments hereto, is strictly prohibited unless authorized by the sender. If you have received this e-mail in error, please immediately notify the sender by reply email and permanently delete this e-mail and any printout thereof.
