There are scripts you could GPO.
Don Guyer Windows Systems Engineer Datasafe Platform Enterprise Technology Group Fiserv [email protected] Office: 1-800-523-7282 x 1673 Fax: 610-293-4499 www.fiserv.com <http://www.fiserv.com/> From: Rankin, James R [mailto:[email protected]] Sent: Monday, March 21, 2011 3:49 PM To: NT System Admin Issues Subject: Re: Win 7 configuration options? Can you disable Libraries via GPO? Please share if there is a way...libraries are a pain for users used to the old ways Typed frustratingly slowly on my BlackBerry® wireless device ________________________________ From: "Tom Miller" <[email protected]> Date: Mon, 21 Mar 2011 14:29:19 -0400 To: NT System Admin Issues<[email protected]> ReplyTo: "NT System Admin Issues" <[email protected]> Subject: RE: Win 7 configuration options? We are starting the Win 7 rollout here as well. The only two things I added to our standard settings were 1) Disable the really annoying "Action Center" and 2) Disable Windows Libraries. Windows Libraries are a neat idea, but at least in my work environment it will just add to confusion. I can send you GPO edits for these if you want. Tom >>> "Steven M. Caesare" <[email protected]> 3/21/2011 2:25 PM >>> Oh agreed. We are using Group Policy for enforcing the US Government Baseline security settings… but that’s been implemented by my network team here, and focused specifically on the policy settings we have to implement to comply with the mandates. But by and large it looks like the desktop group here has had almost zero configuration definitions or best practices for all the other Win configuration options… I’m trying to collect whatever collateral to put in front of them that I can on short notice to get them thinking on what they can do from a centralized configuration perspective… do they can take a stab at building a config document to generate an image to validate against. -sc From: William Robbins [mailto:[email protected]] Sent: Monday, March 21, 2011 2:19 PM To: NT System Admin Issues Subject: Re: Win 7 configuration options? Well, in my past positions, we started off with business needs, and looked to see what we could accomplish with GPO's. Typically it was things to meet/exceed existing security polcies, but were sometimes as trite as setting a facility specific wallpaper. I suppose, not knowing what you are needing to accomplish, I can't offer much advice save the term "baby steps." GPO's are awesome magical beings that when used inappropriately, or in error can wreak havoc faster than you can say Rumplstilkskin! - WJR On Mon, Mar 21, 2011 at 13:01, Steven M. Caesare <[email protected]> wrote: Awesome, thanks WJR. Next question… how do folks define what they want in their organizations? Do you go through this ginormous document? Do you just decide on SOME things you want to do initially (redirect default save locations, etc…), and then refine over time? How do you go about deciding settings things that_AREN’T_ managed via GPO? My gut and initial reading seems to reinforce the idea that I want’ very little customization in the image itself… just the OS and necessary drivers.. with just the things I cannot manage via GPO. After that we’ll layer apps on as individual packages. Is that how you folks are addressing client lifecycle configuration and management? Thanks. -sc From: William Robbins [mailto:[email protected]] Sent: Monday, March 21, 2011 1:52 PM To: NT System Admin Issues Subject: Re: Win 7 configuration options? Lest I be thought completely useless: Group Policy Settings Reference for Windows and Windows Server http://www.microsoft.com/downloads/en/details.aspx?FamilyID=18c90c80-8b0a-4906-a4f5-ff24cc2030fb&displaylang=en - WJR On Mon, Mar 21, 2011 at 12:32, Steven M. Caesare <[email protected]> wrote: So… I’m being pulled in to a Windows 7 rollout project that previously has had very little adult supervision… and as such needs to have several parts of it rebooted. We need to quickly do some work to define what configuration options we want in the base image we are going to deploy. The obvious goal is to manage as much via GPO as possible… but not everything is GPO-manageable (power setting, etc…?). Regardless as to if the setting is set via GPO, it still needs to be decided upon. So my question is: Other than paging through the GPO MMC snapin and looking at each setting, is there good comprehensive doc that lists everything out that we can use as the basis for discussion? If this does exist, does it cover all the things not managed via GPO as well? Thanks. -sc ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin Confidentiality Notice: This e-mail message, including attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure, or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin
